Karl Chen wrote:
>>>>>> On 2006-11-08 01:48 PST, Max Bowsher writes:
> Max> Where would you envisage a potential exec helper being
> Max> configured? I suppose in httpd.conf and/or on the
> Max> svnserve command line?
> I propose:
> - On startup, record
> char const *svn_hook_helper = getenv("SVN_HOOK_HELPER")
> - In run_hook_cmd() or its callers, prepend svn_hook_helper to the
> exec arguments, if it is not null.
> The administrator would configure Apache+mod_dav_svn:
> SetEnv SVN_HOOK_HELPER /path/to/svnhookhelper
Why an environment variable?
They are somewhat transient and often overlooked, and not always easy to
arrange to be set for daemons. Not something I would let anywhere near
security configuration, if I have a choice.
Moreover, the above code sample won't work, since httpd's SetEnv only
sets real environment variables in subprocesses, which mod_dav_svn isn't.
No, if we do this, it definitely has to be a clear part of the server
configuration, I think.
Received on Wed Nov 8 15:10:29 2006