[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Subversion, PHP and Web development

From: Perry E. Metzger <perry_at_piermont.com>
Date: 2004-02-23 20:17:29 CET

Ben Collins-Sussman <sussman@collab.net> writes:
> A word of warning, though: many unixes won't let you 'chmod +s' a shell
> script, which is necessary if I want the post-commit hook script to run
> as user 'sussman'. So instead, my post-commit hook is a tiny C program
> with +s :
>
> #include <stdlib.h>
> int main(int argc, const char *argv[])
> {
> system("/usr/local/bin/svn update /home/sussman/public_html");
> }

For safety, I'd do an exec instead, and clean the environment vars.
You never know what evil someone might include in things like
PATH or IFS.

This is pretty easy to do, of course, just have a variable like:

char *newenv[] = { "PATH=/bin:/usr/bin", "SHELL=/bin/sh", NULL };

to contain your smashed environment, then:

execle("/usr/local/bin/svn", "svn", "update", "/home/sussman/public_html", newenv);

You have far fewer worries that way.

Perry

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Feb 23 20:17:21 2004

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.