[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: SVN Security

From: Janulewicz, Matthew <MJanulewicz_at_westernasset.com>
Date: 2005-07-16 01:03:07 CEST

<sarcasm>
        all kidding aside ...
</sarcasm>

Apache isn't *necessary* to run subversion, especially on Windows. Just
desireable. I've been toying with it for a month and it's been fine sans
apache.

Being cheap notwithstanding, you'll lose some functionality going from
Perforce to subversion, all of which have been discussed or mentioned on
this list over the past few weeks, and all of which are acknowledged by
the Subversion authors. Remember that Subversion is relatively young
software:

Perforce is just plain fast. Subversion is good, but not as fast.
Lack of merge history tracking.
Inability of subversion to singlehandedly correct MSFT's awful
filesystem case sensitivity issues.
Lack of mature integrations with IDE's, especially closed source,
non-standard, proprietary and expensive IDE's with poor API's.

Subversion also won't be able to perform the social engineering required
when you change the tool from under your engineers and 'I'm cheap' isn't
a good enough reason when they discover Subversion is not a better
Perforce, it's a better CVS.

If you already have the Perforce licenses, why not just keep them? Don't
pay the upgrade, and just keep the server at the version you currently
have. A buddy of mine has had a perforce server running just fine since
2002, the last time they paid for an upgrade.

I guess I'm just saying that even though Subversion is ultra-cool,
neato, uber sweet and open source, I think 'I'm cheap' isn't a
compelling enough reason to switch to it from Perforce. If you've
shopped around, Perforce is pretty cheap as far as commercial solutions
go.

One last thought: Open source your software, get Perforce for free:

http://perforce.com/perforce/opensource-faq.html

-Matt

-----Original Message-----
From: Ben Collins-Sussman [mailto:sussman@collab.net]
Sent: Friday, July 15, 2005 3:43 PM
To: Calvin
Cc: users@subversion.tigris.org
Subject: Re: SVN Security

On Jul 15, 2005, at 5:12 PM, Calvin wrote:

> I am trying to evaluate SVN. I want to switch to SVN from Perforce
> because I
> am cheap.
>
> But after I read the articles regarding SVN, sounds like it lacks a
> fatal
> feature: Security?

<sarcasm>
   Oops, did we forget to add that ingredient? Damn! :-)
</sarcasm>

>
> I am using Windows 2k3, and I am a pure MSFT fan, don't want to
> pollute my
> environment with any apache etc.
>

<sarcasm>
    We'd hate to pollute that squeaky-clean ultra-secure MSFT
software with dirty old apache!
</sarcasm>

> I need to be able to set securities like which user can access what
> folder,
> which could be readonly, write, no access, ..., etc.
>
> Is there a way to do it in SVN? Any existing solutions?
>

Yes, many solutions. I don't know where you got the idea that
subversion was insecure, or lacked permissions features. Please
chapter 6 in the svn book:

          http://svnbook.red-bean.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

**********************************************************************
E-mail sent through the Internet is not secure. Western Asset therefore recommends that you do not send any confidential or sensitive information to us via electronic mail, including social security numbers, account numbers, or personal identification numbers. Delivery, and or timely delivery of Internet mail is not guaranteed. Western Asset therefore recommends that you do not send time sensitive or action-oriented messages to us via electronic mail.
**********************************************************************

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sat Jul 16 01:04:40 2005

This is an archived mail posted to the Subversion Users mailing list.