[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: svn and cron

From: Garrett McGrath <gmcgrath_at_Princeton.EDU>
Date: 2006-12-12 20:29:37 CET

I believe I have found the problem in my particular instance. On centos
(and quiet probobly more generally) cron uses a restricted path for the
commands it issues. My version of svn wasn't found in that path and a core
distribution version was being used instead. Defining the full path of the
svn binary and the svn working copy 'appears' to have fixed the problem
it'll take another day or so to completely test it however.
-Garrett

-----Original Message-----
From: John Rouillard [mailto:rouilj@renesys.com]
Sent: Tuesday, December 12, 2006 12:02 PM
To: Mikko Ruohola
Cc: users@subversion.tigris.org
Subject: Re: svn and cron

On Tue, Dec 12, 2006 at 02:01:53PM +0200, Mikko Ruohola wrote:
> Vincent Lefevre kirjoitti:
> >On 2006-12-11 20:50:49 -0600, Ryan Schmidt wrote:
> >
> >>Curious. What do you need expect for in this scenario? svn is not an
> >>interactive program. The only thing I think it can prompt for is the
> >>username and password, and you can provide that with the --username
> >>and --password options without resorting to something like expect.
> >>
> >
> >The --password option may be a security hole, e.g. if there are
> >several users on the machine.
> --password `cat /var/etc/thefilewiththepassword` And file can have all
> the fancy permissions to prevent people from seeing it. or does it
> show on process list apps like top or ps?

You bet it does.

> atleast ncftp hides some command line parameters from process list.

That is usually done by rewriting argv, so it introduces a race condition
where the password is visible in plaintext format. Also not all systems
allow you to rewrite argv and have the kernel pick up the changed version.

-- 
				-- rouilj
John Rouillard
System Administrator
Renesys Corporation
603-643-9300 x 111
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Dec 12 20:31:55 2006

This is an archived mail posted to the Subversion Users mailing list.