There is a difference between trusting the local machine and the
network. If I trust the local machine (let's say it's my computer and
there are no other users on it) having the directory be 0700 is the
same as being 0777 from a security point of view. However I still
might not trust the network and thus wish to use svn+ssh or https.
Just something to keep in mind if you decide to start making things
fail based on permissions.
Michael
On Mar 4, 2005, at 5:27 AM, Manuel VACELET wrote:
> Michael Sinz wrote:
>> The next question is if the client should warn / fail to work if
>> the directory is not secure. (Much like other secure software
>> does, such as SSH / OpenSSH) Personally, I don't know if
>> Subversion needs to be that strict for all, but I, for one, would not
>> mind if it were.
>
>
> From my point of view, subversion should -at least- warn if the
> directory is not secure. And if you are using proxy password or secure
> protocol (svn+ssh or https) subversion have to fail.
>
> Manuel
>
> --
> # VACELET Manuel manuel.vacelet-abecedaire(at)st(dot)com #
> # Tel: 042 6089 +33 (0)476 92 6089 #
> # STMicroelectronics - HPC/STS #
> # 850, rue Jean Monet - 38926 CROLLES CEDEX - FRANCE #
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: dev-help@subversion.tigris.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Mar 7 17:15:44 2005