On Sun, Nov 2, 2008 at 12:34 PM, Ryan Schmidt
<subversion-2008c_at_ryandesign.com> wrote:
<snip>
> The file protocol is not appropriate for a production repository, or when
> multiple users are accessing it. It provides zero security. Anyone can take
> your entire repository home and easily circumvent any access policy you may
> have set, and anyone can browse the repository location in Windows Explorer
> or any other file browser and accidentally or intentionally delete the
> entire thing, or only delete specific older revisions, or replace data, or
> alter your hook scripts or do anything else, which you might not notice
> until it's too late.
>
> Since the FAQ is non-specific, I'll clarify: you can host an FSFS repository
> on NFS (if your NFS server is set up right) in that you can access the
> repository that way from a single computer that will then run apache or
> svnserve to serve the repository to others over http or svn protocols. The
> FAQ is not implying that multiple users should try to access an NFS-hosted
> repository directly over the file protocol.
Thanks for clearing that up. I'm still don't understand why we're any
safer with
svn+ssh. The svn book recommends "to place every potential repository user
into a new svn group, and make the repository wholly owned by that group".
If all users can ssh into the svn+ssh host and are all in the group svn, can't
they do any of the evil things that you mentioned they could do with the
file protocol? It doesn't seem like once they've logged into the svn+ssh
host there is anything to prevent them from using to file protocol.
Thanks,
David
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-11-03 04:00:52 CET