[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: ssh based access?

From: Perry E. Metzger <perry_at_wasabisystems.com>
Date: 2002-04-16 04:27:17 CEST

Brian Behlendorf <brian@collab.net> writes:
> > The real problem is that Apache is very large. It has to be to do all
> > that it does, but that means that it is hard to secure it because you
> > can't audit all the relevant code. Big is bad in security.
>
> If the extra modules are stripped out, and you run only the prefork MPM,
> it's pretty small.

But that's not how we're running Apache for subversion.

> Perhaps the inauditability of the codebase could be
> reconsidered?

It isn't a question of what we would like. In general, once an app
gets too large you can't audit it, and Apache is way way bigger than
you can audit.

> It's not like people aren't running Apache in pretty secure
> production situations - it's at least secure enough for netbsd's own web
> site (and openbsd's as well).

Our web site is not considered a secure application. We're fully
prepared (and expect) for it to be broken into and to have to recover
it. Our code repository is a very different animal. Breakins there
could be very bad.

BTW, I'm perfectly happy using naked Apache as the front end for the
anonymous CVS equivalent in SVN. 

--
Perry E. Metzger		perry@wasabisystems.com
--
NetBSD: The right OS for your embedded design. http://www.wasabisystems.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Apr 16 04:28:14 2002

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.