> From: Michael Price [mailto:mprice@atl.lmco.com]
>
> Robert W Anderson writes:
> > This is the subversion's achilles heel for those of us who work in
> > security minded environments (and there are a hell of a lot of
us!).
> If
> > you can put it through ssh, we can probably use it. Until then,
we're
> > probably stuck, or at least have a huge barrier to entry.
>
> I can second that. There's no way in the world my company would let
you
> run apache on any machine without going through a very long process.
Its
> not worth the hassle. So while I can use subversion on my local
machine,
> its never going to get widespread use here until you don't need a
> dedicated server.
>
You know this line of argument is silly. You didn't even explain your
possible deployment scenario. It's yet to be determined whether
Subversion needs/requires its own machine (due to perf/scaling isssues),
so I don't know why you think it requires a dedicated server. It may/or
may not require it's own Apache server, but that's deployment specific.
The setup burden is currently high, so feel free to help us engineer the
lowering of that barrier.
Complain about the setup burden all you want, but the deployment
logistics of Subversion's ra_dav layer don't prohibit you from doing
anything.
Sane security policies at places where security is very tight should be
examining all application traffic that occurs over SSH ports anyway.
Security folks aren't too happy about SOAP over HTTP for good reasons
after all. So you already should have to accomplish explaining how much
better Subversion is to your security team. Somehow I don't feel too
sorry for folks in such environments. You work in a high security area.
Change is slow in such areas. Duh. If you don't like it, go find a
better work environment down the street.
If your security folks are just being dorks, won't talk to you even if
your security shouldn't have to be so tight, you're annoyed that
Subversion might take longer to deploy at your company due to
Subversion's current deployment model, and you're whining about that,
then help finish ra_pipe and stop going on about this "issue".
If you want your place of employment to move forward more quickly, then
fight for change. There's a reason they say "one person can make a
difference" you know.
Can we get back to talking about issues what are getting worked on, or
are currently in scope for 1.0, so that we can ship this thing?
Thanks,
Bill
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Aug 30 19:14:50 2002