Re: [HCoop-Discuss] SVN security issues
From: Marcus Rueckert <darix_at_web.de>
Date: 2006-11-06 11:45:09 CET
On 2006-11-06 02:25:59 -0800, Karl Chen wrote:
why is this an issue? in a clean setup neither www-data nor the user
so the only remaining attack vector might be "sudo".
> You are right that Linux does not allow setuid shebang scripts and
with my proposal the default hook script would be a stub that calls the
darix
-- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org For additional commands, e-mail: dev-help@subversion.tigris.orgReceived on Mon Nov 6 11:45:23 2006 |
This is an archived mail posted to the Subversion Dev mailing list.
This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.