More strict file permissions for the administrative ".svn" directories

From: Ivan Zahariev <rrdtool_at_famzah.net>
Date: Tue, 12 Jan 2010 17:40:49 +0200

Hi devs,

I've first discussed this at the "users" list and there was no big
interest but also no negative feedback there. Therefore I'm suggesting
this to you now:

Would you make the ".svn" directories not accessible by "others" (thus
being accessible only by the "owner" and "group") ?

You can review the full thread along with the security problem
description and a patch at the following address:
http://mail-archives.apache.org/mod_mbox/subversion-users/201001.mbox/%3C4B4B05E8.1060909@famzah.net%3E

Let me know what you think. Thanks.

Best regards,
Ivan Zahariev
Received on 2010-01-12 16:41:49 CET

This message: [ Message body ]
Next message: C. Michael Pilato: "Re: [PATCH] Make svn clients indicate their operation name to backend(right now only to DAV) Version 2"
Previous message: Kamesh Jayachandran: "[PATCH] Make svn clients indicate their operation name to backend(right now only to DAV) Version 2"
Next in thread: David Glasser: "Re: More strict file permissions for the administrative ".svn" directories"
Reply: David Glasser: "Re: More strict file permissions for the administrative ".svn" directories"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]