[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Why is conf/passwd world-readable?

From: Marcus Rueckert <darix_at_web.de>
Date: 2006-02-11 14:17:21 CET

On 2006-02-10 22:05:31 +0100, Olaf van der Spek wrote:
> Why is conf/passwd sometimes world-readable (depending on umask)?
> I think it should never be world-readable and always be created with
> mode 600.

1. because the password file has no protection worth data by default.
2. if you use a dedicated svn server there is no problem with world
   readable.
3. you dont use a dedicated svn server? you will definitely know how
   to protect the file better. no?

normally people create new repositories as root and chown/chgrp/chmod
them to the correct permissions to the svnserve can read it. one chmod
command more to make it only readable by the svnserve should not be this
hard.

just my 2 cents

    darix

-- 
           openSUSE - SUSE Linux is my linux
               openSUSE is good for you
                   www.opensuse.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Feb 11 14:17:59 2006

This is an archived mail posted to the Subversion Dev mailing list.