[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn cleanup switches?

From: Mark Benedetto King <mbk_at_lowlatency.com>
Date: 2004-02-19 19:01:27 CET

On Thu, Feb 19, 2004 at 05:04:04PM +0000, Philip Martin wrote:
> Mark Benedetto King <mbk@lowlatency.com> writes:
> > That would make it a bad idea to type "svn cleanup" in an untrusted WC.
> What's an "untrusted" WC? It's next to impossible to have two
> different users with write access to the same WC, the chmod calls
> don't work.

My guess is that a pathological WC could be constructed that would cause
the client to execute an arbitrary command. Perhaps if the owner of the WC
maliciously chmodded everything 2777? Or if the victim user was root?


To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Feb 19 19:23:50 2004

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.