1 |
>> The problem with that is he will need to test his code in the working |
2 |
>> system. |
3 |
|
4 |
why in the production system?
|
5 |
|
6 |
>>I need a way for him to be able to read/write to a certain |
7 |
>> file or files within the working system, but have no read/write |
8 |
>> access to any other files in the system. |
9 |
>> |
10 |
>> Is SFTP perhaps the way to go for this? |
11 |
>> |
12 |
>> - Grant |
13 |
> |
14 |
>For some reason I thought SFTP would provide access control but now |
15 |
>I'm thinking it's just like SSH in that access control is based on |
16 |
>file ownership and permissions? |
17 |
|
18 |
yes.
|
19 |
|
20 |
> If that's the case, can anyone think |
21 |
>of a better way to control remote access to my files than chmod/chown? |
22 |
|
23 |
someone already did ;)
|
24 |
http://www.gentoo-wiki.info/HOWTO_Use_filesystem_ACLs
|
25 |
|
26 |
> I think it would be nice if the access control were built into the |
27 |
>transport mechanism, version control system, or something else already |
28 |
>in use, but it doesn't sound like that's going to happen. |
29 |
|
30 |
its certainly possible to control the write access with ACLs. read
|
31 |
access however is a different story because as soon as his code runs in
|
32 |
the context of the webrowser he will likely be able to read the rest of
|
33 |
the code. |