Re: Client side hook scripts [Was: Proposal for $Revision$ keyword amendment, "global" revnums, etc...]

From: Marc Haisenko <haisenko_at_webport.de>
Date: 2005-10-13 11:53:50 CEST

On Thursday 13 October 2005 03:38, Greg Hudson wrote:
> Client-side hook scripts have bad security implications; they allow the
> server to tell the client to do anything at all, when the user was
> really only interested in letting the server feed it updates.
>
> We could provide a sandboxed language interpreter with a defined set of
> user-visible primitives to overcome that problem, but that's way too
> much complexity for the benefit.

Even this won't save you, as you'd need to be able to call external tools,
i.e. indent or other code formaters. And if you can do that, I can find a way
to call "rm -rf ~" that you can't catch.

-- 
Marc Haisenko
Systemspezialist
Webport IT-Services GmbH
mailto: haisenko@webport.de
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Thu Oct 13 11:54:40 2005

This message: [ Message body ]
Next message: Malcolm Rowe: "Re: What does 'svn diff' do?"
Previous message: Max Bowsher: "Re: 1.3.x Perl bindings"
In reply to: Greg Hudson: "Re: Client side hook scripts [Was: Proposal for $Revision$ keyword amendment, "global" revnums, etc...]"
Next in thread: Malcolm Rowe: "Re: Client side hook scripts [Was: Proposal for $Revision$ keyword amendment, "global" revnums, etc...]"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]