[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] svnserve dropping root privileges

From: Branko Čibej <brane_at_xbc.nu>
Date: 2007-01-08 00:25:09 CET

Peter Samuelson wrote:
> [Micha? ?ukaszek]
>
>> This of course is true, but nevertheless - patch adds a functionality
>> that is not breaking anything, and could be useful for someone.
>>
>
> Well, features are not free. Somebody has to document them, people
> have to configure them, the code needs to be maintained.
>

I agree wholeheartedly. Unlike many servers, svnserve does not need root
access at any time because it doesn't bind to a privileged port. Adding
a "drop root privs" feature is therefore not necessary, and we'd IMHO be
laying a subtle and terrible trap for ourselves if we accepted this
patch -- I've seen way too many security alerts about root privs not
being dropped far enough, or soon enough (remember the last sshd thing?).

Just to be on the safe side ... -1 on accepting this patch.

-- Brane

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Jan 8 00:25:58 2007

This is an archived mail posted to the Subversion Dev mailing list.