security and file permissions

From: Steven S. Gubser <ssgubser_at_Princeton.EDU>
Date: 2007-03-29 19:34:02 CEST

Hi svn users,

I want to establish per-directory read-write access. I can
do this as per ch. 6 of the documentation. But I am running
everything on an svn+ssh basis, with the umask = 002 so
that every file in db/revs has permissions 664. Doesn't this
mean that any user with group r/w permissions can in
principle reconstruct everything in the repository, just by
grabbing all the files in db/revs?

What does it take to set up an svn repository where this
``loophole'' is closed and sensitive data is reasonably well
protected? Can anyone point me to a how-to document
or an example?

I apologize for a previous version of this message without
a descriptive subject header.

Thanks,
Steve

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Mar 29 19:34:31 2007

This message: [ Message body ]
Next message: Helge Preuss: "'...' is not a working copy directory"
Previous message: Les Mikesell: "Re: FW: subversion authetication"
Next in thread: Ingo Schmidt: "Re: security and file permissions"
Reply: Ingo Schmidt: "Re: security and file permissions"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]