[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Queries about SVN (Security related)

From: Daniel Shahaf <d.s_at_daniel.shahaf.name>
Date: Tue, 29 Nov 2011 08:44:34 +0200

Jerryleen S wrote on Tue, Nov 29, 2011 at 10:50:06 +0530:
> but as per discussion in the thread it isn't possible to differentiate
> deleting or adding or modifying transaction during pre-commit script.
>

I don't understand what you're claiming. The situation is:

- The pre-commit hook knows the EXACT contents of the transaction
  (which will become a revision if the hook does exit(0)). That in
  particular includes the equivalent of 'svn log -qv' of the txn.

  (five minutes on a file:///tmp/r repository with 'svnlook -t' will
  confirm or refute this)

- The pre-commit hook can modify the txn before it becomes a revision.
  Such modifications cannot be communicated to the client performing the
  commit.

  (for the former assertion, see svn_fs_open_txn() and similar FS APIs.
  for the latter, the client code (libsvn_ra and libsvn_wc) assumes that
  the changes sent to the server are those committed, and updates the wc
  state based on the changes sent.)

> On Monday, November 28, 2011 8:36 AM, "Daniel Shahaf" <d.s_at_daniel.shahaf.name> wrote:
> > I haven't read the thread but I'd like to clarify one thing: a pre-
> > commit hook sees the transaction (ie, candidate revision) as it will
> > exist once committed. It sees exactly what is deleted and what is
> > modified. And it can accept or reject it on that basis.
Received on 2011-11-29 07:45:48 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.