[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Should svnserve set umask to 002?

From: <gstein_at_lyra.org>
Date: 2003-01-23 22:40:11 CET

On Thu, Jan 23, 2003 at 02:52:18PM -0500, Greg Hudson wrote:
 On Thu, 2003-01-23 at 14:37, Branko Cibej wrote:
  Actually, ra_local has a similar problem; it should set the umask to 002
  when fiddling with the database, too. Then Unix people could finally set
  up their repositories so that they could be used by all RA methods
  simultaneously.
 
 Setting the umask to 002 would be a security hole. Consider this use
 case: I naively set up a repository for my own use, on a system where
 all users are in the same primary group.

Right. The umask is a policy decision, and one that our tools should stay
out of. It is perfectly fine to do something like:

$ cat mems-serve
#!/bin/sh
umask 002
exec svnserve $*
^D
$ chmod +x mems-serve

I don't think we should be involved. Let the user and/or admin set the
policy.

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 14 02:10:24 2006

This is an archived mail posted to the Subversion Dev mailing list.