[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Feature request: Disable ssl prompting in "servers" for better security

From: John Peacock <jpeacock_at_rowman.com>
Date: 2004-12-21 02:43:02 CET

Tom Martin wrote:
> A new boolean config entry "ssl-no-promt" for the "servers" config file.
> If the ssl host cannot be authenticated using "ssl-authority-files",
> the svn client fails without promting.

It seems like a waste to spend time adding a new config entry to deal with a
situation brought on by poor network management practices. Repositories on a
network must be in a 'fixed' location, so that clients can contact them. If you
choose to give the repository a floating IP (a bad idea in the first place),
then the clients must be able to resolve the server address by name (via some
resolution method). Said method should (according to good design) contain a
cache that is shorter than any time limit on an assigned IP address.

I think that this was a classic case of shooting yourself in the foot; the tool
(in this case Subversion) should not be in the business of setting rules for
your network that would prevent this from happening. There is no security
failure here other than the unwise decision to have a movable repository
containing sensitive information and the developer's inability to read an error
message and act on it appropriately. IMNSHO.

John

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Dec 21 02:46:04 2004

This is an archived mail posted to the Subversion Dev mailing list.