[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: problems when using subversion over http with large files

From: Nico Kadel-Garcia <nkadel_at_comcast.net>
Date: 2006-07-27 16:43:21 CEST

----- Original Message -----
From: "Martin Povolný" <martin.povolny@solnet.cz>
To: <users@subversion.tigris.org>
Sent: Thursday, July 27, 2006 4:01 AM
Subject: problems when using subversion over http with large files


    we are using subversion on a couple of quite large repozitories.
    In our setup we have apache2 with ldap authentication and dav_svn.

Uh-oh. You've walked square into a serious security issue: The SVN clients
store user login names and passwords in cleartext: for the commandline, it's
typically in $HOME/.subversion/./auth/svn.simple/[hashedname]

If you have the Apache LDAP using your user's normal login passwords, which
is easy to do, then your user's passwords are stored in cleartext in the
home directory of their LDAP client. The graceful way to avoid the problem
is to use svn+ssh for write access.

    Until recently we where running subversion 1.1.4 and now for a while we
run 1.2 with similar results.

You should *definitely* update to 1.2. Now is also a good time to throw
things out of your repositories that you no longer want. And consider
switching to FSFS for performance reasons, if feasible.

    In one of the repositories we have cca. 4-6 GB of data with files of
size up to 80 GB.

I assume you mean files up to 80 MB, not GB.

    With this repository we have problems. Clients connecting to the
repository hang. In the apache error log we get something like:

    Should I try different setup? Standalone subversion server (no
apache), or would version 1.3 help?

    We are using berkeley backend, would fsfs be better?

I strongly urge you to do both. It should be easy to do a fast switchover if
you can arrange a few hours of downtime.

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Jul 27 16:45:39 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.