Re: Suppress display of sensitive info by servers (proposal)

From: Greg Hudson <ghudson_at_MIT.EDU>
Date: 2005-04-13 21:02:00 CEST

On Wed, 2005-04-13 at 14:59, Mark Phippard wrote:
> > I agree that we can add a field to svn_error_t, but I don't think this
> > proposal will solve the problem. Generally when the path to the
> > repository shows up in an error message, the pathname came from a failed
> > svn_io_* operation, which is not really smart enough to make decisions
> > about what would be a "safe" error message.

> But isn't the proposal to generate the normal error message and a "safe
> version" then let mod_dav_svn/svnserve etc. decide which one to use? I
> presume that svn_io_* has an idea when the error message contains a path
> name.

It does, and I suppose for this purpose treating all file pathnames as
sensitive information might do what we want.

I guess I feel uncomfortable encoding, deep in the low-level core of
Subversion libraries (svn_error_t and svn_io_*), high-level decisions
like "this is information we might not want to transmit from a network
server to a client".

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Apr 13 21:02:53 2005

This message: [ Message body ]
Next message: Justin Erenkrantz: "Clarifying structure modification in HACKING was Re: Suppress display of sensitive info by servers (proposal)"
Previous message: Alvin Thompson: "Re: fsfs and user permissions"
In reply to: Mark Phippard: "Re: Suppress display of sensitive info by servers (proposal)"
Next in thread: Molle Bestefich: "Re: Suppress display of sensitive info by servers (proposal)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]