[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Why is conf/passwd world-readable?

From: Marcus Rueckert <darix_at_web.de>
Date: 2006-02-11 14:17:21 CET

On 2006-02-10 22:05:31 +0100, Olaf van der Spek wrote:
> Why is conf/passwd sometimes world-readable (depending on umask)?
> I think it should never be world-readable and always be created with
> mode 600.

1. because the password file has no protection worth data by default.
2. if you use a dedicated svn server there is no problem with world
3. you dont use a dedicated svn server? you will definitely know how
   to protect the file better. no?

normally people create new repositories as root and chown/chgrp/chmod
them to the correct permissions to the svnserve can read it. one chmod
command more to make it only readable by the svnserve should not be this

just my 2 cents


           openSUSE - SUSE Linux is my linux
               openSUSE is good for you
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Feb 11 14:17:59 2006

This is an archived mail posted to the Subversion Dev mailing list.