| 1 |
>> The problem with that is he will need to test his code in the working |
| 2 |
>> system. |
| 3 |
|
| 4 |
why in the production system?
|
| 5 |
|
| 6 |
>>I need a way for him to be able to read/write to a certain |
| 7 |
>> file or files within the working system, but have no read/write |
| 8 |
>> access to any other files in the system. |
| 9 |
>> |
| 10 |
>> Is SFTP perhaps the way to go for this? |
| 11 |
>> |
| 12 |
>> - Grant |
| 13 |
> |
| 14 |
>For some reason I thought SFTP would provide access control but now |
| 15 |
>I'm thinking it's just like SSH in that access control is based on |
| 16 |
>file ownership and permissions? |
| 17 |
|
| 18 |
yes.
|
| 19 |
|
| 20 |
> If that's the case, can anyone think |
| 21 |
>of a better way to control remote access to my files than chmod/chown? |
| 22 |
|
| 23 |
someone already did ;)
|
| 24 |
http://www.gentoo-wiki.info/HOWTO_Use_filesystem_ACLs
|
| 25 |
|
| 26 |
> I think it would be nice if the access control were built into the |
| 27 |
>transport mechanism, version control system, or something else already |
| 28 |
>in use, but it doesn't sound like that's going to happen. |
| 29 |
|
| 30 |
its certainly possible to control the write access with ACLs. read
|
| 31 |
access however is a different story because as soon as his code runs in
|
| 32 |
the context of the webrowser he will likely be able to read the rest of
|
| 33 |
the code. |
Archives