On Fri, Jan 11, 2002 at 10:31:41AM +0200, Max Ischenko wrote:
Because it is written in Python, you may have an easier time integrating it in Zope.
How's that?
You may be able to integrate ViewCVS a s a Product into Zope, I meant. This in contrast to calling ViewCVS as an external program.
Note however that Zope runs as an anonymous user as well, and that switching to other users may not be feasable. You would do better adding a special user to all groups that exist in the repository, such that the CGI user can read all CVS files.
I was thinking about using sudo to execute cvsweb or maybe just set it suid root.
Which has it's own risks of course. However much I trust Greg Stein and his code, if there is a security hole in ViewCVS that can be exploited this way, you are toast. -- Martijn Pieters | Software Engineer mailto:mj@zope.com | Zope Corporation http://www.zope.com/ | Creators of Zope http://www.zope.org/ ---------------------------------------------
At 10:58 AM 1/11/2002 -0500, Martijn Pieters wrote:
Because it is written in Python, you may have an easier time integrating it in Zope.
How's that?
You may be able to integrate ViewCVS a s a Product into Zope, I meant. This in contrast to calling ViewCVS as an external program.
I was actually thinking about implementing that. It is the last step we need to build a Zope-based Source Forge. All other components exist and just need to be put together in a nice collection. Regards, Stephan -- Stephan Richter CBU - Physics and Chemistry Student Web2k - Web Design/Development & Technical Project Management
participants (2)
-
Martijn Pieters -
Stephan Richter