Re: SVN Security

From: Phil Endecott <spam_from_subversion_users_at_chezphil.org>
Date: 2006-04-13 20:30:01 CEST

('binary' encoding is not supported, stored as-is) Timo Wendt <twendt@online.de> wrote:

> file:///
> But what if I like no access.

(The following is vaguely right for Debian; tweak for other OSes)

# addgroup svn (Group for users that can access SVN files;
                      don't add normal users to this group, they use
                      http: exclusively)
# adduser www-data svn (Apache belongs to this group so it can
                          access the files; restart to take effect)
# chgrp -R svn /path/to/repository
# chmod o-rw /path/to/repository

Now you just need to make sure that Apache's umask doesn't allow world-readership. I think that's a simple Apache config directive.

--Phil.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Apr 13 18:34:21 2006

This message: [ Message body ]
Next message: Sean Hussey: "Re: Locked or missing files in repo stop checkout"
Previous message: David Anderson: "Re: SVN Security"
In reply to: Timo Wendt: "SVN Security"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]