
Re: [HCoop-Discuss] SVN security issues

From: Karl Chen <quarl_at_cs.berkeley.edu>
Date: 2006-11-08 11:18:06 CET

>>>>> On 2006-11-08 01:48 PST, Max Bowsher writes:

    Max> What about deploying the wrapper hooks into all
    Max> repositories, with permissions set so the user cannot
    Max> replace them?

I believe it is workable, though more complicated and error-prone.
Given the possibility of chmod +t which I had previously not
thought about, it might not prevent the user from most
administration tasks.

    Max> Where would you envisage a potential exec helper being
    Max> configured? I suppose in httpd.conf and/or on the
    Max> svnserve command line?

I propose:
- On startup, record
    char const *svn_hook_helper = getenv("SVN_HOOK_HELPER");
- In run_hook_cmd() or its callers, prepend svn_hook_helper to the
  exec arguments, if it is not null.

The administrator would configure Apache+mod_dav_svn:
    SetEnv SVN_HOOK_HELPER /path/to/svnhookhelper

svnhookhelper can invoke sudo, suexec, userv, etc.

-- 
Karl 2006-11-08 01:59
Received on Wed Nov 8 11:18:28 2006

This is an archived mail posted to the Subversion Dev mailing list.
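
The proposal in the message above, written out as a stand-alone C sketch. This is an added example, not Subversion's code and not code from the post: record_hook_helper() and build_hook_argv() are hypothetical names, the absolute-path check and the private copy of the value are assumptions of this example, and the sample paths are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Private copy of the helper path; NULL means hooks are exec'd directly. */
static char *svn_hook_helper = NULL;

/* Record the helper once at startup. The value is copied so that later
 * changes to the environment cannot alter it. Assumption of this example:
 * only an absolute path is accepted, so the helper is never resolved
 * through PATH or the working directory. Returns 0 on success, -1 if the
 * value is rejected, so the caller can refuse to start. */
int record_hook_helper(const char *value)
{
    free(svn_hook_helper);
    svn_hook_helper = NULL;
    if (value == NULL) return 0;      /* unset: no helper configured */
    if (value[0] != '/') return -1;   /* relative or empty path */
    svn_hook_helper = malloc(strlen(value) + 1);
    if (svn_hook_helper == NULL) return -1;
    strcpy(svn_hook_helper, value);
    return 0;
}

/* Build the NULL-terminated exec vector: [helper,] hook, args...
 * Returns a malloc'd array the caller frees (the strings are not copied),
 * or NULL if allocation fails. */
char **build_hook_argv(const char *hook, const char *const *args, size_t nargs)
{
    size_t i = 0, j;
    char **argv = malloc((nargs + 3) * sizeof *argv);
    if (argv == NULL) return NULL;
    if (svn_hook_helper != NULL) argv[i++] = svn_hook_helper;
    argv[i++] = (char *)hook;
    for (j = 0; j < nargs; j++) argv[i++] = (char *)args[j];
    argv[i] = NULL;
    return argv;
}

int main(void)
{
    /* Constructed sample hook invocation: pre-commit REPOS TXN */
    const char *args[] = { "/srv/svn/repo", "42-1" };
    char **argv, **p;
    if (record_hook_helper(getenv("SVN_HOOK_HELPER")) != 0) return 1;
    argv = build_hook_argv("/srv/svn/repo/hooks/pre-commit", args, 2);
    for (p = argv; argv != NULL && *p != NULL; p++)
        printf("%s\n", *p);
    free(argv);
    return 0;
}
```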