> -----Original Message-----
> From: Matt Sickler [mailto:email@example.com]
> Sent: Wednesday, September 19, 2007 5:18 PM
> To: David W. Wilson
> Cc: firstname.lastname@example.org
> Subject: Re: Things that mighta made my life easier
> On 9/19/07, David W. Wilson <email@example.com> wrote:
> > Many IT people today have greatness thrust upon them, and I have just
> > implemented a Collabnet SVN Server quick, fast and in a hurry with a
> > modicum of IT knowledge. I count myself fortunate to have found CSS,
> as it
> > allowed me to quickly set up a the server meeting security guidelines
> with a
> > minimum of developer disruption.
> > My task would have been easier if:
> > - The SVN guide showed me how to implement global SVN+Apache
> > security, not just SVN repository security.
> Arent those two things the same?
If you install SVN+Apache according to the SVN guide, or install CSS+Apache
using the defaults, you get an Apache web server hosting an SVN repository.
The SVN repository will be accessible through a URL similar to
http://svnserver/svndir/svnrep/. The repository directory
http://svnserver/svndir/ is apparently configured with no access out of the
box (at least in CSS), but the web server root http://svnserver/ is an
ordinary web directory with global read access (and possibly(?) write
access, given that WebDAV is installed). If you navigate to
http://svnserver/ after installing SVN+Apache or CSS+Apache, you will see
the Apache default home page.
The SVN guide tells you how to control access to your repositories using
directives within a <Location /svndir> section. These directives control
access only within the SVN repository directory http://svnserver/svndir.
However, the web server root directory http://svnserver/ remains globally
accessible. I realize that technically, the web server root is not part of
SVN, however, I don't think it is safe to assume that a configuration
manager is also a webmaster (indeed, you can install CSS as a Windows
service, install TortoiseSVN, and create a remotely accessible repository
with no webmaster knowledge whatsoever). The SVN guide should make the
configuration manager aware of the web server root and the need to control
access to it, with examples. It would also be nice to advertize its
potential to host an SVN server home page.
While I'm the last person to espouse a dumb-down approach to anything, IT
people often have a lot to accomplish in a little time with little
knowledge, and need as much help as they can get.
To unsubscribe, e-mail: firstname.lastname@example.org
For additional commands, e-mail: email@example.com
Received on Thu Sep 20 19:08:29 2007