[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Client side hook scripts [Was: Proposal for $Revision$ keyword amendment, "global" revnums, etc...]

From: Marc Haisenko <haisenko_at_webport.de>
Date: 2005-10-13 11:53:50 CEST

On Thursday 13 October 2005 03:38, Greg Hudson wrote:
> Client-side hook scripts have bad security implications; they allow the
> server to tell the client to do anything at all, when the user was
> really only interested in letting the server feed it updates.
>
> We could provide a sandboxed language interpreter with a defined set of
> user-visible primitives to overcome that problem, but that's way too
> much complexity for the benefit.

Even this won't save you, as you'd need to be able to call external tools,
i.e. indent or other code formaters. And if you can do that, I can find a way
to call "rm -rf ~" that you can't catch.

-- 
Marc Haisenko
Systemspezialist
Webport IT-Services GmbH
mailto: haisenko@webport.de
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Oct 13 11:54:40 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.