Mailinglist Archive: opensuse-buildservice (251 mails)

< Previous Next >
Re: [opensuse-buildservice] OBS 2.1 Beta 1 released
  • From: Robert Xu <robxu9@xxxxxxxxx>
  • Date: Thu, 23 Sep 2010 12:20:38 -0400
  • Message-id: <AANLkTi=pBYjEssQ8wCezm-iUgm-k1PDL4sfjKYq_CNxi@xxxxxxxxxxxxxx>
On Thu, Sep 23, 2010 at 11:15, Martin Mohring
<martinmohring@xxxxxxxxxxxxxxxxxxx> wrote:
Hi,

Adrian: fully correct.

And last but not least I will write down a list of cautions should you
still want to use the other flags also, because they are useful for you.

They do not make the system more unsecure compared to using only
"sourceaccess".

Martin

Adrian Schröter wrote:
Am Mittwoch, 22. September 2010, 17:47:21 schrieb Martin Mohring:

Hi,

I would like to emphasize that the Access Control System implemented now
is more than just another flag. It the most intrusive API change of OBS
since a long time.

Those willing to try out, we had documented the system here:
http://en.opensuse.org/openSUSE:Build_Service_Concept_ACL

All the documented flags and permissions are implemented.


Just to clarify, only "sourceaccess" is usable with 2.1.

The others of this concept ("access" and "privacy") can't be used since
the protection of them is not complete. However you could allow the usage
on your local instace by modifing the schema files of project and package
meta data (look for the commented out parts).

"binarydownload" is also still there, but not considered as security
mechanism so far. Just as bandwidth protection, since you can still "steal"
binaries protected via this flag in various ways.





The new source services with OBS 2.1... Do I need to set them up in
any way, or just install them?
Because I added the new source services and my lighttpd does not run anymore.


--
later, Robert Xu
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >