Website Maintenance Via CVS HOW-TO | ||
---|---|---|
<<< Previous | Introduction | Next >>> |
The system is going to be running both a CVS repository and a webserver. The users will not update their pages directly, rather the webserver will be serving pages from a checked out copy of a CVS repository. Users will also have a home directory where they can get the kinks worked out of the site before going live. This system has several advantages:
Security:
Chroot: The webserver will be running inside chroot jail. This will prevent users from accessing files in the regular filesystem and will limit the exploits possible from a compromised account.
Limited Login: Users will have a restricted shell and will only be allowed to perform a few basic operations like changing their passwords and running cvs.
Apache: Several security constrictions will be placed on Apache to control the ways that it may be accessed and how it serves pages.
SSH: Access to the repository will be via SSH. This will allow access from anywhere on the Internet with a relatively high degree of security.
CVS: File permissions will be structured in such a way that users are only able to alter certain pages and they will not be able to permanently remove files from the repository. An attack could temporarily alter the pages that a user has permission to alter, but without exploiting the CVS server it is not possible to permanently alter the site.
Quotas: Users will have limits on the amount of information that they can store. Disk space is not an issue and the limits will not be such that it should ever affect the ability to create a site, but it will prevent certain denial of service attacks.
Accessibility:
Users will be able to access their files from any platform that supports CVS. This includes nearly every operating system. WinCVS can be used for Windows users and it provides a simple GUI interface.
Users will be able to edit their files in whatever editor they prefer and then upload the changed files.
ViewCVS will be installed allowing users and administrators to see what changes have been made to the pages, when and by whom.
Accountability:
CVS will handle this in spades. The exact time, nature and owner of all changes will be recorded and reversible.
Appropriate Communication:
Mailman will be running on the server. There will be a variety of lists devoted to different aspects of the development. Users can subscribe or unsubscribe to lists as their needs dictate.
Drawbacks:
Having the whole site in CVS requires a minimum of twice the disk space of a non-CVS setup. Given the prices of hard drives however this is not a serious concern.
<<< Previous | Home | Next >>> |
Goals | Up | Server Setup |