[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: ssh based access?

From: Greg Stein <gstein_at_lyra.org>
Date: 2002-04-16 09:41:52 CEST

On Mon, Apr 15, 2002 at 10:27:17PM -0400, Perry E. Metzger wrote:
> Brian Behlendorf <brian@collab.net> writes:
> > > The real problem is that Apache is very large. It has to be to do all
> > > that it does, but that means that it is hard to secure it because you
> > > can't audit all the relevant code. Big is bad in security.
> >
> > If the extra modules are stripped out, and you run only the prefork MPM,
> > it's pretty small.
>
> But that's not how we're running Apache for subversion.

But that would appear to be your choice, hmm? You could definitely choose to
run an Apache that is configured much "smaller" on your source code
repository box. Run that on some alternate port, and you'll be set. Or if
you don't want users to mess with ports, you could use ProxyPass on your
main web server and pass request thru to the internal interface/port where
you've got your locked-down Subversion server.

The point is: if you want to get seriously tight with the security of the
server, the options are there.

[ and note that using apache as a proxypass thingy, you could map ssl on the
  outside to a plain http on the inside so the secure repository doesn't
  have to install ssl code ]

>...
> > It's not like people aren't running Apache in pretty secure
> > production situations - it's at least secure enough for netbsd's own web
> > site (and openbsd's as well).
>
> Our web site is not considered a secure application. We're fully

Why is it on the same box as the source code repository? Assuming you've
split the two, then the Apache running on the SVN box is single-purpose.

> prepared (and expect) for it to be broken into and to have to recover
> it. Our code repository is a very different animal. Breakins there
> could be very bad.

Agreed. apache.org has been through that, and I sympathize with the
resulting problems.

Cheers,
-g 

-- 
Greg Stein, http://www.lyra.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Apr 16 09:42:20 2002

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.