2f8b9bc3b7
The suexec command can only be run by a peer daemon, and permits the daemon to execute another command as a specific user identity. This is the foundation of allowing writes to be proxied from a slave server into the master, the slave just needs to SSH into the master and use suexec in front of the user supplied command line to perform an action on their behalf on the master. Unfortunately this means we have to trust the slave process, as it can become anyone, including an administrator. A better approach would be to use agent authentication and authenticate back through the slave to the user's agent process, but not every user connection may be using an agent. In particular batch jobs might be using an unencrypted key and no agent to authenticate. Change-Id: Icb8ddb16959f01189a6c0bdfc8fec45cdd99659b Signed-off-by: Shawn O. Pearce <sop@google.com> |
||
|---|---|---|
| .. | ||
| .settings | ||
| src | ||
| .gitignore | ||
| pom.xml | ||