Re: svnserve.conf: anon-access = none (instead of read)

From: Malcolm Rowe <malcolm-svn-dev_at_farside.org.uk>
Date: 2006-11-08 15:33:15 CET

On Wed, Nov 08, 2006 at 02:06:05PM +0000, Max Bowsher wrote:
> What if a user creates a repository never intending it for svnserve
> access at all, and therefore does not bother to configure
> conf/svnserve.conf, but then later, a svnserve daemon is deployed
> operating without a --root parameter?
>
> Given the possibility for accidents of this nature, I'm inclined to
> implement Olaf's suggestion.
>

Personally, I think it's pretty crazy that svnserve doesn't require a
explicit --root option to run. Is that ever a safe configuration?

Regards,
Malcolm

application/pgp-signature attachment: stored

Received on Wed Nov 8 15:33:43 2006

This message: [ Message body ]
Next message: Malcolm Rowe: "Re: Bug with SVN::Client::diff() and in-memory files"
Previous message: Max Bowsher: "Re: [HCoop-Discuss] SVN security issues"
In reply to: Max Bowsher: "Re: svnserve.conf: anon-access = none (instead of read)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]