On Wed, 2004-11-24 at 09:21, Bodini Laurent Clecim.AUT-MODELE wrote:
> We develop software for customers. Parts of the software will be
> available to the customer, proprietary parts should not be available
> for him. Therefore we will do two repositories, one for us, one for us
> and them. There is one weak point, the computer with the subversion
> server will be accessible by the customer. My question is:
>
> If the repository is available to someone who otherwise has no access
> to the subversion server, can this person access the source code held
> in the repository?
> If yes, is there any way to protect the source code from someone who
> has access to the repository?

Make the repository owned by some user and group the customer is not a
member of (i.e. apache:apache). This way they will not be able to access
the files through the local file:// protocol and will be forced to go
through apache to access the repository.

That is assuming you plan to force them to go through the apache
interface, correct?

Not sure how this would work for ssh+svn. Also you need to trust your
client to not "play around" on the server and try to break it.

Drastic, but perhaps better would be to buy another machine to use as a
SVN repository and do not allow user access to log into it.

Anyone else have an idea?

Chris
Received on Wed Nov 24 19:07:50 2004
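
The ownership advice in the reply above, as an added check that is not part of the original thread: a shell function that audits a repository directory for entries not owned by the service account or still accessible to other local users. The function name `audit_repo` and the path in the comments are hypothetical; `apache:apache` is the owner suggested in the reply.

```shell
#!/bin/sh
# Added example (not from the thread). Typical lock-down before auditing,
# with /srv/svn/proprietary as a hypothetical repository path:
#   chown -R apache:apache /srv/svn/proprietary
#   chmod -R o-rwx /srv/svn/proprietary
#
# audit_repo REPO OWNER GROUP
#   OWNER and GROUP may be names or numeric ids.
#   Prints one finding per line and returns:
#     0  every entry is owned by OWNER:GROUP and grants nothing to "other"
#     1  at least one finding was printed
#     2  REPO is not a directory
audit_repo() {
    repo=$1
    owner=$2
    group=$3

    if [ ! -d "$repo" ]; then
        echo "not a directory: $repo" >&2
        return 2
    fi

    findings=$(
        # Entries whose owner or group is not the service account.
        find "$repo" \( ! -user "$owner" -o ! -group "$group" \) \
            -exec printf 'OWNER %s\n' {} \;
        # Entries granting read, write or execute to "other" local users,
        # which is what allows direct file:// access without Apache.
        # Symlinks are skipped because their own mode bits are meaningless.
        find "$repo" ! -type l \
            \( -perm -001 -o -perm -002 -o -perm -004 \) \
            -exec printf 'OTHER %s\n' {} \;
    )

    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}
```

Run it as root or as the service account so that `find` can descend into directories that are already closed to other users.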