Eric Hanchrow wrote:
>>>>>> "Nico" == Nico Kadel-Garcia <nkadel@comcast.net> writes:
>
> Nico> Wait. svnserve by itself is not securable, due to its
> Nico> public password use.
>
> I guess that depends on what you mean by "securable". If you trust
> the operating system's file-access controls, then there's nothing to
> worry about, since the password file can be read only by those to whom
> you've granted access -- typically just the svnserve daemon itself.
Those are only part of securing. The transactions occur in clear, on the
network, where anyone running a packet sniffer can tap them trivially. That,
in and of itself, makes it unsecurable, especially in a remote access
configuration. HTTP has the same problem, rather HTTPS itself.
> Nico> Is there web-space, with HTTPS access available?
>
> svn itself allows this, since the server can be run as an apache
> module. But the people who run the server need to configure it.
Well, yes. That's why I asked: the site administrators may not wish to
permit this.
> Nico> Can you put the repository there, under your public_html
> Nico> directory if necessary?
>
> That would be up to the people who run the server.
See above.
> Nico> I'd be curious if they have this: I'm looking around for a
> Nico> good virtumin/usermin module for Subversion right now.
>
> I can't help with that; I've never used one.
I like them, they're useful for other purposes.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun May 14 20:36:18 2006