Perry E. Metzger wrote:
>Brian Mathis <firstname.lastname@example.org> writes:
>>There's already a way to make all your accesses to the repos "suid" to
>>svn, it's called svnserve. Run it as user "svn" and viola, all
>>accesses through it are done as user "svn". Tunnel over ssh, and
>Why bother? The direct tools can do exactly the same thing, and then I
>don't have to worry that svnserve is accidently misconfigured to
>listen to the wrong interface one morning. Fewer moving parts, fewer
Not enough moving parts, the machine doesn't work right.
The direct tools do NOT do excatly the same thing! If they did, 1 of
them wouldn't exist. If you are worried that your config files will
accidentally change, then you have bigger problems with security than
running a daemon.
What we have here is an XYZ problem:
Q: I want to use X to perform function Y, but instead it's doing Z.
A: X doesn't perform function Y, use A instead
Q: But I don't want to use A, I want to use X
A: Too bad. X doesn't do what you want, but A does. Use A.
Q: But I don't want to use A.
The point is that there are already TWO other options that will allow
you to reach the goal you want. 1 is apache, and 2 is svnserve. Using
these requires ZERO code changes to svn. If apache doesn't meet your
needs, then fine, use svnserve over ssh.
Received on Fri Feb 13 19:41:50 2004