Thank you Marc and Brass (Tilde),
Those were the 2 most respectful emails I've received the past 2 days about the concern.
Thanks!
-----Original Message-----
From: Marc Haisenko [mailto:haisenko@webport.de]
Sent: Thu 1/27/2005 8:24 AM
To: users@subversion.tigris.org
Cc:
Subject: Re: "Flaw" revisited (was: Bug? FSFS revision control)
Nasser (I hope this is your first name :-),
the question is not really whether the current SubVersion FSFS would be safer
or not by adding some obscurity or just checksumming or whatever, the
question is: is it worth the hassle ?
Not only does adding code to try to protect you from hackers need some work
(designing and implementing), but the added complexity could (and propably
would) create conditions (bugs) in which that "protection" could backfire and
result in unnecessary problems for the enduser/administrator.
If someone really wanted to change your repository and has the needed access
rights he always could dump the repository, manipulate the dump and then
recreate the repository.
So the question is: is this "problem" big enough to spend time on implementing
your request ? The majority seems to think "no", as your scenario is /very/
theoretical and it would propably cause more problems and thus waste even
more developer time which could be spent on implementing more pressing
things.
At least that's how I see it and how I interpret the reactions on this
list ;-)
C'ya,
Marc
--
Marc Haisenko
Systemspezialist
Webport IT-Services GmbH
mailto: haisenko@webport.de
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Jan 27 14:44:54 2005