Hi,
I'd been looking at mod_dav_svn and issue 1051. The issue is quite old
but by no means outdated. I have just recetly seen manifest itself
when check-in on an FSFS repository breaks midway.
When brought up on IRC it generated some high-speed feedback that went
beyond me. If I may, I would like to generate talk on this issue.
I'd been looking at mod_dav_svn code for a while and here is what I
can conclude:
- Most errors that happen in low-level are not sanitized.
- Most errors that happen in low-level of FSFS repository have
sensitive filesystem information in the error message.
- When such errors are encountered in mod_dav_svn, they are pushed down to DAV.
- Low-level error messages (from calls to svn_fs_*(), for example) are
accompanied by high-level error messages in the actual mod_dav_svn.
The latter should be enough for the user.
I have started patching random un-sanitized error messages I came
across and I noticed that about 95% of them need to be sanitized.
I propose to go through and sanitize all error messages that can
potentially spill sensetive filesystem info -- i.e. change from
dav_svn_convert_err() that will pass all errors to DAV to
dav_svn__sanitize_error() that will log all current
(possibly-sensitive) low-level error and only pass down the high-level
error message.
There is only a slight problem that stops this process from going
smoothly. The request_rec needed by dav_svn__sanitize_error() isn't
readily available everywhere. It is neccessary to propogate
request_rec to where needed.
Somebody that has more insight on subversion might have already given
thought to this. Please tell me what you think.
BR,
Artem Egorkine
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Jun 13 17:47:05 2006