
Re: Updating a live website with a post-commit hook script

From: Nico Kadel-Garcia <nkadel_at_comcast.net>
Date: 2006-07-01 05:22:23 CEST

Les Mikesell wrote:
> On Fri, 2006-06-30 at 20:05, Nico Kadel-Garcia wrote:
>>>
>>> Wow. That is truly ugly. If an admin can't control PATH being used
>>> by the hook scripts then there are problems well beyond security.
>>> Because I can't believe that someone would feel there is a need to
>>> purge PATH by design. That just feels so wrong to me.
>>
>> Hmm. Since many subversion tools operate as different users at
>> different times, depending on whether they're run through Apache,
>> svnserver, or the local filesystem, it's not safe to assume that any
>> or all of these people have sane PATH settings. Better safe than
>> sorry, I think.
>
> So what's safe? Unless you are the only admin on the box,
> second-guessing where binaries live doesn't sound safe to
> me. Sourcing /etc/profile if it exists might work in
> a lot of places.

As opposed to second-guessing where they might have been stuffed? The hook
scripts are pretty simple, and easy to keep control over. A clueless admin
is likely to do all sorts of oddness, or worse yet another user using the
file-based access with odd PATH setups that aren't consistent and don't work
well for perl, bash, csh, or whatever the hook script is written in due to
inconsistently set user profiles.

Been there, have the scars.

Received on Sat Jul 1 05:23:04 2006
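
An added example, not part of the original message or of Subversion itself, showing the approach argued for in this thread: the hook sets its own search path and resolves each tool against it, so the result does not depend on which user or server process invoked the hook. The directory list in `HOOK_PATH` and the function names `pin_hook_env` and `resolve_tool` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): pin a hook's environment explicitly
# rather than inheriting it from Apache, svnserve, or a file:// user.

# Assumption: directories the hook author trusts on this host.
HOOK_PATH="/usr/local/bin:/usr/bin:/bin"

# pin_hook_env: replace inherited settings with known values.
pin_hook_env() {
    PATH=$HOOK_PATH
    export PATH
    unset IFS ENV BASH_ENV CDPATH   # variables that change how the shell behaves
    umask 022
}

# resolve_tool NAME: print the absolute path of NAME found in HOOK_PATH,
# never consulting the caller's PATH. Returns 1 if NAME is not found.
resolve_tool() {
    _name=$1
    case $_name in
        ""|*/*) return 1 ;;          # bare command names only
    esac
    _rest="${HOOK_PATH}:"
    while [ -n "$_rest" ]; do
        _dir=${_rest%%:*}
        _rest=${_rest#*:}
        case $_dir in
            /*) ;;                   # absolute entries only
            *) continue ;;           # skip empty or relative entries
        esac
        if [ -f "$_dir/$_name" ] && [ -x "$_dir/$_name" ]; then
            printf '%s\n' "$_dir/$_name"
            return 0
        fi
    done
    return 1
}

# Typical use at the top of a hook (tool name is an example):
#   pin_hook_env
#   SVNLOOK=$(resolve_tool svnlook) || { echo "svnlook not found" >&2; exit 1; }
```

Failing early when a tool is missing from the pinned path makes a misconfigured host visible at hook start instead of partway through a deployment.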

This is an archived mail posted to the Subversion Users mailing list.
