Fossil SCM
Added a paragraph to allay the "localhost bypasses the RBAC" fears the prior discussion of "fossil ui" may raise. This gives another chance to direct the user to "fossil server" and the rest of the /www/server/ docs.
Commit
afb3db92001c15466f52ef60a89b2e4a40fb531cf70cc4a61732924de8fb13b6
Parent
eb52410b0c3219a…
1 file changed
+10
| --- www/quickstart.wiki | ||
| +++ www/quickstart.wiki | ||
| @@ -352,10 +352,20 @@ | ||
| 352 | 352 | database file could be using the resulting web interface. Anyone who can |
| 353 | 353 | modify the repo DB directly could give themselves any and all access |
| 354 | 354 | with a SQL query, or even by direct file manipulation; no amount of |
| 355 | 355 | access control matters to such a user. |
| 356 | 356 | |
| 357 | +(Contrast the [./server/ | many <i>other</i> ways] of setting Fossil up | |
| 358 | +as an HTTP server, where the repo DB is on the other side of the HTTP | |
| 359 | +server wall, inaccessible by all means other than Fossil's own | |
| 360 | +mediation. For this reason, the "localhost bypasses access control" | |
| 361 | +policy does <i>not</i> apply to these other interfaces. That is a very | |
| 362 | +good thing, since without this difference in policy, it would be unsafe | |
| 363 | +to bind a [/help?cmd=server | <b>fossil server</b>] instance to | |
| 364 | +localhost on a high-numbered port and then reverse-proxy it out to the | |
| 365 | +world via HTTPS, a practice this author does engage in, with confidence.) | |
| 366 | + | |
| 357 | 367 | Once you are finished configuring Fossil, you may safely Control-C out |
| 358 | 368 | of the <b>fossil ui</b> command to shut down this privileged |
| 359 | 369 | built-in web server. |
| 360 | 370 | |
| 361 | 371 | <h2 id="sharing">Sharing Changes</h2> |
| 362 | 372 |
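Review bot: The claim at new lines 358-360 that the repo DB is "inaccessible by all means other than Fossil's own mediation" holds for clients arriving over HTTP, but the context at 352-355 is about anyone who can modify the repo DB file directly, and a local user on the server host is still in that position. Suggest scoping the wording to HTTP clients, for example "inaccessible to HTTP clients by all means other than Fossil's own mediation". The statement that the "localhost bypasses access control" policy does <i>not</i> apply to these interfaces is the safety-relevant sentence, yet it sits inside a nine-line parenthetical; consider making this a regular paragraph so it is not read as an aside. The closing clause "a practice this author does engage in, with confidence" is a first-person aside in reference documentation and could be dropped.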
| --- www/quickstart.wiki | |
| +++ www/quickstart.wiki | |
| @@ -352,10 +352,20 @@ | |
| 352 | database file could be using the resulting web interface. Anyone who can |
| 353 | modify the repo DB directly could give themselves any and all access |
| 354 | with a SQL query, or even by direct file manipulation; no amount of |
| 355 | access control matters to such a user. |
| 356 | |
| 357 | Once you are finished configuring Fossil, you may safely Control-C out |
| 358 | of the <b>fossil ui</b> command to shut down this privileged |
| 359 | built-in web server. |
| 360 | |
| 361 | <h2 id="sharing">Sharing Changes</h2> |
| 362 |
| --- www/quickstart.wiki | |
| +++ www/quickstart.wiki | |
| @@ -352,10 +352,20 @@ | |
| 352 | database file could be using the resulting web interface. Anyone who can |
| 353 | modify the repo DB directly could give themselves any and all access |
| 354 | with a SQL query, or even by direct file manipulation; no amount of |
| 355 | access control matters to such a user. |
| 356 | |
| 357 | (Contrast the [./server/ | many <i>other</i> ways] of setting Fossil up |
| 358 | as an HTTP server, where the repo DB is on the other side of the HTTP |
| 359 | server wall, inaccessible by all means other than Fossil's own |
| 360 | mediation. For this reason, the "localhost bypasses access control" |
| 361 | policy does <i>not</i> apply to these other interfaces. That is a very |
| 362 | good thing, since without this difference in policy, it would be unsafe |
| 363 | to bind a [/help?cmd=server | <b>fossil server</b>] instance to |
| 364 | localhost on a high-numbered port and then reverse-proxy it out to the |
| 365 | world via HTTPS, a practice this author does engage in, with confidence.) |
| 366 | |
| 367 | Once you are finished configuring Fossil, you may safely Control-C out |
| 368 | of the <b>fossil ui</b> command to shut down this privileged |
| 369 | built-in web server. |
| 370 | |
| 371 | <h2 id="sharing">Sharing Changes</h2> |
| 372 |