On Fri, Oct 11, 2002 at 03:09:15PM -0400, Greg Hudson wrote:
> On Fri, 2002-10-11 at 13:37, Zack Weinberg wrote:
> > svn:construct -- If this property is set on a file, that file is
> > considered special. The text of the property is
> > a command which should be executed upon
> > checkout, which is expected to create the file.
> > See below for details.
>
> -1. It's horribly platform-specific and a security nightmare.
>
> A Unix-only shop where clients only talk to trusted repositories might
> be okay with this feature, but symlink support should definitely not
> have the second constraint, and should probably not have the first
> constraint. (We can't make symlinks on Windows, but we might be able to
> make an alias, which would be honored by at least some programs.)
I do not see why this is more of a security exposure than checking out
and using a Makefile would be. For very paranoid situations, we could
have options that allowed you to get a working copy, inspect all the
:construct properties, and then execute them.
The point about platform specificity is well taken, but I really do
think we want something this general. Witness someone else's point
that this could be used to deal with OSX bundles, for instance.
zw
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Oct 11 23:35:43 2002