Re: Why is conf/passwd world-readable?

From: Marcus Rueckert <darix_at_web.de>
Date: 2006-02-11 14:17:21 CET

On 2006-02-10 22:05:31 +0100, Olaf van der Spek wrote:
> Why is conf/passwd sometimes world-readable (depending on umask)?
> I think it should never be world-readable and always be created with
> mode 600.

1. because the password file has no protection worth data by default.
2. if you use a dedicated svn server there is no problem with world
readable.
3. you dont use a dedicated svn server? you will definitely know how
to protect the file better. no?

normally people create new repositories as root and chown/chgrp/chmod
them to the correct permissions to the svnserve can read it. one chmod
command more to make it only readable by the svnserve should not be this
hard.

just my 2 cents

darix

-- 
           openSUSE - SUSE Linux is my linux
               openSUSE is good for you
                   www.opensuse.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Sat Feb 11 14:17:59 2006

This message: [ Message body ]
Next message: Olaf van der Spek: "Re: Why is conf/passwd world-readable?"
Previous message: John Belli: "assertion failed svn cp URL->URL"
In reply to: Olaf van der Spek: "Why is conf/passwd world-readable?"
Next in thread: Olaf van der Spek: "Re: Why is conf/passwd world-readable?"
Reply: Olaf van der Spek: "Re: Why is conf/passwd world-readable?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]