using svn:// protocol for sensitive data

From: Jon Rue <jonrue_at_u.washington.edu>
Date: 2007-07-09 22:15:34 CEST

I am in the processing of setting up a subversion repository for
managing sensitive data (budgets, salaries, etc.) for my department's
administrative staff. They are dispersed all over the university and our
department doesn't have any central resources to host the data so I am
using the university's main web server farm to host the repository. I
was planning on using the svn:// protocol to access the repository since
it might be next to impossible to get the university admins to alter the
apache configuration and none of the users have local accounts on the
servers so svn+ssh:// wouldn't work.

Does anyone think it is a bad idea to use just the svn:// protocol for
managing access to sensitive data? Anon access will be disabled and I am
setting up password files and access rules using the authz mechanism.
Our servers are running version 1.3.2 of subversion. Getting that
updated to a more recent version might be a tall order as well.

-- 
Jon Rue
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Received on Mon Jul 9 22:11:44 2007

This message: [ Message body ]
Next message: Eli Carter: "Re: svn mv "breaks" annotate?"
Previous message: Jason Winnebeck: "svn mv "breaks" annotate?"
Next in thread: Karl Fogel: "Re: using svn:// protocol for sensitive data"
Reply: Karl Fogel: "Re: using svn:// protocol for sensitive data"
Reply: Jason Winnebeck: "Re: using svn:// protocol for sensitive data"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]