Re: svn cleanup switches?

From: Mark Benedetto King <mbk_at_lowlatency.com>
Date: 2004-02-19 19:01:27 CET

On Thu, Feb 19, 2004 at 05:04:04PM +0000, Philip Martin wrote:
> Mark Benedetto King <mbk@lowlatency.com> writes:
>
> > That would make it a bad idea to type "svn cleanup" in an untrusted WC.
>
> What's an "untrusted" WC? It's next to impossible to have two
> different users with write access to the same WC, the chmod calls
> don't work.
>

My guess is that a pathological WC could be constructed that would cause
the client to execute an arbitrary command. Perhaps if the owner of the WC
maliciously chmodded everything 2777? Or if the victim user was root?

--ben

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Feb 19 19:23:50 2004

This message: [ Message body ]
Next message: Philip Martin: "Lost in mod_dav"
Previous message: Nicolás Lichtmaier: "Re: Problem with accented characters in checkout"
In reply to: Philip Martin: "Re: svn cleanup switches?"
Next in thread: Greg Hudson: "Re: svn cleanup switches?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]