[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r40009 - branches/1.6.x

From: Hyrum K. Wright <hyrum_at_hyrumwright.org>
Date: Wed, 14 Oct 2009 10:17:50 -0500

On Oct 14, 2009, at 8:43 AM, C. Michael Pilato wrote:

> Hyrum K. Wright wrote:
>
> [...]
>
>>> @@ -146,5 +146,12 @@ Candidate changes:
>>> Votes:
>>> +1: rhuijben
>>>
>>> + * r40008
>>> + Respect Apache's ServerSignature directive.
>>> + Justification:
>>> + Many subversion server administrators want it.
>>> + Votes:
>>> + +1: stylesen
>>> +
>>
>> This sure looks a lot like a feature and not a bug fix.
>
> I think it's actually security concerns that are driving the thing.
> Admins
> can use "ServerSignature off" to prevent Apache from reporting the
> presence
> and version of mod_dav_svn, but can't hide the version from Subversion
> directory listings. Definitely more "fix" and "feature", in my
> opinion.

Sounds good to me. Perhaps the item in STATUS could be updated to
explain the "fix" nature of this revision.

-Hyrum

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2407599
Received on 2009-10-14 17:18:18 CEST

This is an archived mail posted to the Subversion Dev mailing list.