[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [HCoop-Discuss] SVN security issues

From: Marcus Rueckert <darix_at_web.de>
Date: 2006-11-06 11:09:37 CET

hi,

1. you cant setuid scripts. it would need to be a binary.
2. you can have a small script that calls the user script with sudo e.g.
   that way you wouldnt need any stating.

   Such script could look like:

[[[
   #!/bin/sh
   if [ -e "../userhooks/post-commit" ] ; then
       sudo -u someuser ../userhooks/post-commit
   fi
]]]

anyway. i would recommend to review any user script anyway. and only
allow the admin team to place new scripts. no matter if they run as user
or not. the users can do still bad stuff to your server.

-- 
           openSUSE - SUSE Linux is my linux
               openSUSE is good for you
                   www.opensuse.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Nov 6 11:09:57 2006

This is an archived mail posted to the Subversion Dev mailing list.