On Mon, Aug 5, 2013 at 12:22 PM, Stefan Küng <tortoisesvn_at_gmail.com> wrote:
> On 05.08.2013 18:15, Ben Fritz wrote:
>> Can I specify a repository path to a file NOT in the working copy, and
>> have it run as a hook script? Or do I need to stick it on a common
>> network share or something like that?
> Sorry, no. That would be a big security issue since then TSVN would
> actually execute potentially dangerous and/or malicious code.
> At least by only executing script that are in the repository and the
> working copy we can assume that you need at least commit access to the
> repo to have something execute.
Sure...but the commit access argument also applies to files in the
repository but not the current working copy. E.g. if I have:
Then why is running hook1 any more secure than running hook2?
For that matter, I see from
that I can't use UNC paths, but I guess anything on the C: drive or
any mapped network drives would be fair game; that's not too secure
either. Anyway, http://tortoisesvn.net/tsvn_1.8_releasenotes.html says
TSVN will ask the user first before running.
As a workaround assume I can do:
:: Wrapper bat file
svn cat http://example.com/repo/tools/clienthooks/hook2.bat > hook_script.bat
:: end wrapper bat file
But this just seems silly.
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2013-08-05 19:54:48 CEST