[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: repository permissions - some general security questions

From: Michael Wood <mwood_at_its.uct.ac.za>
Date: 2002-07-24 16:29:28 CEST

On Wed, Jul 24, 2002 at 10:14:21AM -0400, Kevin Pilch-Bisson wrote:
> On Wed, Jul 24, 2002 at 04:16:25PM +0200, Michael Wood wrote:
> > On Wed, Jul 24, 2002 at 04:02:07PM +0200, Timothee Besset wrote:
> > [snip]
> > > My problem is with the repository filesystem itself. The README
> > > advises to chmod 777 which give +rw to anything on the system. This is
> > > clearly a big hole, and blocker in my case. I want to have at least rw
> > > restricted to a specific group.
> > [snip]
> >
> > The user that apache runs as needs write access to the repository. I
> > don't think it needs to be world writable.
> >
> Well, if you want to use ra_local, then the repository needs to be writable by
> any user using the repository.

True, but then you can put them all in the same group and make the
repository group writable :)

-- 
Michael Wood <mwood@its.uct.ac.za>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Jul 24 16:30:24 2002

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.