On Dec 13, 2005, at 01:17, Jörg Sommer wrote:
> Gavin Lambert schrieb am Tue 13. Dec, 11:22 (+1300):
>
>> Quoth Jörg Sommer:
>>
>>> I run an open SVN repository on a multiuser system. I believe
>>> I closed all (but one) ways anyone can mangle the repository.
>>>
>>> The file db/current is recreated (I suppose create db/foo;
>>> write db/foo; rm db/current; mv db/foo db/current) everytime
>>> a commit happens. This leaves a hole in my system. Anyone
>>> could rename or delete files in db/, because I must leave db
>>> world-writable. If access to this file would happen "inplace"
>>> I could make the directory world-readable and noone could mange the
>>> contents of db/.
>>
>> Just use a server process and make the repository only writable by
>> the
>> user that the server is running as. And don't use file:// URLs any
>> more.
>
> That was not the question. I know this, but I can't run a process
> on this
> machine, because it is not 24/7 running. And I'm a simple user. I
> can't
> start processes after boot without login in there.
If you are the only user, then you can change the repository
permissions so that only you can change the files. Then there is no
hole, unless you consider yourself untrustworthy. :-P
Using a server process as Gavin said is also a good answer to the
problem. I don't see why not having the machine on all the time would
pose any sort of difficulty for this. I have several server processes
running on my PowerBook G4 (web server, mail server, MySQL) and
there's never a problem with putting the machine to sleep and waking
it back up, which I do several times daily; it just works. And I can
write LaunchDaemon plist files that cause processes to get started at
boot time without requiring anyone to be logged in. Surely your
operating system can do something similar? Like the /etc/init.d
scripts on our Gentoo Linux server at work.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Dec 18 18:40:20 2005