[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

[Fwd: Re: svn security vs. cvs security]

From: Nina Pham <nina_at_gibbons.com>
Date: 2004-07-29 20:58:08 CEST

-------- Original Message --------
Subject: Re: svn security vs. cvs security
Date: Thu, 29 Jul 2004 11:55:25 -0700
From: Josh Kuo <josh.kuo@prioritynetworks.net>
To: nina@gibbons.com
References: <41094025.8040201@gibbons.com>
<1091126041.2680.19.camel@localhost> <410943FF.4050901@gibbons.com>

You may want to send this one back to the mailing list, I dot not claim
to be a system security expert.

My guess is that since subversion commonly runs under Apache, you may
have to look for your solution in securing Apache.

Also, if this is a private repository (i.e. limited to internal users
who work for the same company), then your solution is easier to dealt
with by placing some firewall rules on the repository server. For me, I
place iptables rules so only certain IP range can access the repository.
This obviously won't work very well for you if you are running a public
repository.

My suggestion is to send this question back to the mailing list, I am
sure someone more knowledgeable than me will provide better answer.

On Thu, 2004-07-29 at 11:37, Nina Pham wrote:
> Hi, My concern is people can get into my server, write files or run
> files to destroy the server. I've been trying to set up an chroot ssh
> for cvs, but not succeed yet. Not sure if svn has better solution to
> prevent people get outside the repository.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Received on Thu Jul 29 20:58:27 2004

This is an archived mail posted to the Subversion Users mailing list.