[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Suppress display of sensitive info by servers (proposal)

From: Molle Bestefich <molle.bestefich_at_gmail.com>
Date: 2005-04-13 08:45:19 CEST

Daniel Rall wrote:
> Requirements of any solution:
>
> o Low-level libraries should continue to propogate all contextual
> information available (including security-sensitive info). For
> example, httpd error logs should contain file system paths to the
> repository, as should error messages from file:// operations.
>
> o Secure versions of error messages must still contain relevant
> security-insensitive information (e.g. "Reference to non-existent
> revision 3209683", even though the path is omitted).

Wouldn't it become more cumbersome to report error messages to
anybody, e.g. your sysadmin, if the context is missing?

(I'm thinking that that's actually more important than fixing some
imaginary security problem..)

Could the path from the URL perhaps be included instead of the filesystem path?
Or the repository UUID?

Haven't looked at the code, so might be a stupid suggestion :-p.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Apr 13 08:46:27 2005

This is an archived mail posted to the Subversion Dev mailing list.