On 05.08.2013 19:54, Ben Fritz wrote:
> On Mon, Aug 5, 2013 at 12:22 PM, Stefan Küng <tortoisesvn_at_gmail.com> wrote:
>> On 05.08.2013 18:15, Ben Fritz wrote:
>>>
>>> Can I specify a repository path to a file NOT in the working copy, and
>>> have it run as a hook script? Or do I need to stick it on a common
>>> network share or something like that?
>>
>> Sorry, no. That would be a big security issue since then TSVN would
>> actually execute potentially dangerous and/or malicious code.
>> At least by only executing script that are in the repository and the
>> working copy we can assume that you need at least commit access to the
>> repo to have something execute.
>>
>
> Sure...but the commit access argument also applies to files in the
> repository but not the current working copy. E.g. if I have:
>
> /repo/trunk/file1
> /repo/trunk/hook1.bat
> /repo/tools/clienthooks/hook2.bat
>
> Then why is running hook1 any more secure than running hook2?
It's not, but to execute a file it must be present locally. So you must
have it in your working copy.
>
> For that matter, I see from
> http://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-dug-settings.html
> that I can't use UNC paths, but I guess anything on the C: drive or
> any mapped network drives would be fair game; that's not too secure
> either. Anyway, http://tortoisesvn.net/tsvn_1.8_releasenotes.html says
> TSVN will ask the user first before running.
Actually, executing anything on an UNC path most likely won't work
because of the Windows security settings. You can try running e.g. a
jscript file from there and you'll get a security warning dialog. But if
you run it from a command line or try to do it without an UI, then you
won't get such a warning dialog but instead it simply fails.
That's what's meant in the docs.
> As a workaround assume I can do:
>
> :: Wrapper bat file
> @echo off
> svn cat http://example.com/repo/tools/clienthooks/hook2.bat > hook_script.bat
> call hook_script.bat
> del hook_script.bat
> :: end wrapper bat file
>
> But this just seems silly.
And where would you put that wrapper bat file? If it's not inside the
working copy, the hook won't execute it.
Stefan
--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest interface to (Sub)version control
/_/ \_\ http://tortoisesvn.net
------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3062092
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2013-08-05 21:51:26 CEST