doc/manual.docbook
changeset 137 5bcd5a5e4220
parent 136 492bc9e536e1
child 138 44ee9dc3bba9
equal deleted inserted replaced
136:492bc9e536e1 137:5bcd5a5e4220
   388 <title>Security</title>
   388 <title>Security</title>
   389 <para>
   389 <para>
   390 mercurial-server relies entirely on sshd to grant access to remote users.
   390 mercurial-server relies entirely on sshd to grant access to remote users.
   391 As a result, it runs no daemons, installs no setuid programs, and no part
   391 As a result, it runs no daemons, installs no setuid programs, and no part
   392 of it runs as root except the install process: all programs run as the user
   392 of it runs as root except the install process: all programs run as the user
   393 hg. And any attack on mercurial-server can only be started if the Bad Guys
   393 hg. Any attack on mercurial-server can only be started if the attacker
   394 already have a public key in <filename>~hg/.ssh/authorized_keys</filename>,
   394 already has a public key in <filename>~hg/.ssh/authorized_keys</filename>,
   395 otherwise sshd will bar the way.
   395 otherwise sshd will bar the way.
   396 </para>
   396 </para>
   397 <para>
   397 <para>
   398 No matter what command the user tries to run on the remote system via SSH,
   398 No matter what command the user tries to run on the remote system via SSH,
   399 mercurial-server is run. It parses the command line the user asked for, and
   399 mercurial-server is run. It parses the command line the user asked for, and