Quoth Jörg Sommer <mailto:joerg@alea.gnuu.de>:
> I run an open SVN repository on a multiuser system. I believe
> I closed all (but one) ways anyone can mangle the repository.
>
> The file db/current is recreated (I suppose create db/foo;
> write db/foo; rm db/current; mv db/foo db/current) everytime
> a commit happens. This leaves a hole in my system. Anyone
> could rename or delete files in db/, because I must leave db
> world-writable. If access to this file would happen "inplace"
> I could make the directory world-readable and noone could mange the
> contents of db/.
Just use a server process and make the repository only writable by the
user that the server is running as. And don't use file:// URLs any
more.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Dec 12 23:31:55 2005