
Re: issue #137

From: Joseph Galbraith <galb_at_vandyke.com>
Date: 2006-08-31 21:14:31 CEST

Stefan Küng wrote:
> Hi,
>
> I'm currently trying to implement issue #137:
> http://tortoisesvn.net/issues/?do=details&id=137
>
> But now I have some problems where I hope you can help me out with some
> ideas:
>
> If the hook scripts are configured via project properties (i.e. like the
> bugtraq properties), how should we define the path to the script? To
> avoid security issues, I want to force the scripts to be inside the
> working copy. But with project properties, you can't define an absolute
> path to a script, and relative paths don't really work because the user
> can start TortoiseProc from any directory.

You could say that relative is relative to the folder that has
the property set rather than relative to the current directory
of TortoiseProc.

> If however we configure the hook scripts with e.g. a global config file
> or in the settings dialog, then they won't be 'project only' (we could
> find a way around that, but it would be *very ugly* UI wise), and then
> each user would have to configure them him/herself.
>
> So, what's the best way to go here? Any ideas on how to specify a path
> to the scripts when using project properties?

Even forcing the hook script to be inside the WC still
seems dangerous to me -- what if someone hacked a
repository and committed both the property and a
malicious script.

I think probably, rather than insisting that the script
be in the working copy, the user should be prompted before
the script is run, something like this:

   There is a hook-script configured for this action, which
   may provide increased functionality or improved error
   handling for this repository.

   Hook-scripts can modify your system in undesired ways; one
   should use caution about allowing hook scripts to run,
   especially from a public repository.

           _Always run this script_ _Run script_ _Don't Run_

(And there should probably be a global option to say don't
ever run hooks.)

Thanks,

Joseph

Received on Thu Aug 31 21:15:04 2006
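
The two ideas in this thread combined, as an added example that is not TortoiseSVN code and not part of the original mail: the property value is resolved relative to the folder that carries the property, and a resolved script still only leads to a prompt unless the user earlier chose "Always run this script". The function names, the working-copy containment check, and remembering "Always run" by the SHA-256 of the script content (so a later commit that changes the script prompts again) are assumptions of this example.

```python
import hashlib
import tempfile
from enum import Enum
from pathlib import Path, PureWindowsPath


class Decision(Enum):
    NEVER = "global option: never run hooks"
    REJECT = "property value is not a script inside the working copy"
    RUN = "user already chose 'Always run' for this exact content"
    PROMPT = "ask: Always run this script / Run script / Don't Run"


def resolve_hook(property_dir, value, wc_root):
    """Resolve the property value relative to the folder that has the property set."""
    if PureWindowsPath(value).anchor:  # drive letter, UNC share or leading slash
        return None
    script = (Path(property_dir) / value).resolve()  # collapses "..", follows symlinks
    if not script.is_relative_to(Path(wc_root).resolve()) or not script.is_file():
        return None
    return script


def decide(property_dir, value, wc_root, approved, hooks_disabled=False):
    """approved: set of SHA-256 hex digests the user marked 'Always run' (assumed scheme)."""
    if hooks_disabled:
        return Decision.NEVER
    script = resolve_hook(property_dir, value, wc_root)
    if script is None:
        return Decision.REJECT
    digest = hashlib.sha256(script.read_bytes()).hexdigest()
    return Decision.RUN if digest in approved else Decision.PROMPT


def demo():
    """Constructed working copy: wc/proj carries the property, hooks/pre.bat is the hook."""
    with tempfile.TemporaryDirectory() as tmp:
        wc = Path(tmp) / "wc"
        hook = wc / "proj" / "hooks" / "pre.bat"
        hook.parent.mkdir(parents=True)
        hook.write_text("echo checking\n")
        approved = {hashlib.sha256(hook.read_bytes()).hexdigest()}
        args = (wc / "proj", "hooks/pre.bat", wc)
        results = [decide(*args, approved=set()), decide(*args, approved=approved)]
        hook.write_text("echo changed by a later commit\n")  # content no longer approved
        results.append(decide(*args, approved=approved))
        results.append(decide(wc / "proj", "../../outside.bat", wc, approved))
        results.append(decide(*args, approved=approved, hooks_disabled=True))
        return [r.name for r in results]
```

`demo()` returns the decisions for a first run, a run after "Always run", a run after the committed script changed, a value that climbs out of the working copy, and a run with hooks globally disabled.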

This is an archived mail posted to the TortoiseSVN Dev mailing list.
