On Wednesday 04 June 2008, Vincent Lefevre wrote:
> On 2008-06-02 18:01:12 +0200, Marc Haisenko wrote:
> > As far as I remember that feature is not included in SubVersion because
> > it opens a few cans of worms. For example, not every OS supports the same
> > permissions (Windows file permissions vs. UNIX file permissions vs. ACLs
> > vs. Mainframe). How to deal with that ?
>
> Well, Unix file permissions would be applied under Unix only and so on.
> IMHO, permissions are mainly (if not only) useful when the user manages
> his own files with Subversion. And if he is only under Unix, then this
> is fine. Now I think that a client-side hook (as I suggested) would be
> a better solution as it allows to do exactly what the user wants. And
> this is 100% safe as the hook would be installed by the owner of the
> working copy (security holes can only be introduced by the user himself,
> but this isn't specific to Subversion).
Having separate file permission management for each OS is asking for trouble,
IMHO. If you set the permissions to 0444 on Unix (only reading allowed) and
then someone checks that file out on Windows and has write permissions I can
already hear the bug report being entered.
The client hook would of course allow to implement something like that, but
that issue has also been discussed already, as far as I remember, and I think
the developers thought it might not be a good idea (but please search the
archive yourself, I'm not entirely sure). You care about just yourself, and
seem to assume that you will be the only user of that specific repository.
The SubVersion developers have to think a bit bigger and then issues that are
none to you become huge. One issue would be: Where would those hooks be
stored ? If every user has to install the hook himself then inconsistencies
can occur (e.g. not every user has that hook, maybe they have different
versions, etc. pp.). If the hooks are stored in the repository you have a
huge security desaster (e.g. imagine I check in a client hook that
runs "rm -rf ~" or one that adds my SSH public key to your authorized_keys so
I can log on to your account without having to know your password).
So if all you need that feature for is archiving some stuff (like you /etc
directory) you are better off using an external script like the "asvn" script
already present, IMHO: you really know that you are doing something
not "standard" because you call a different command.
Marc
--
Marc Haisenko
Comdasys AG
Rüdesheimer Str. 7
80686 München
Germany
Tel.: +49 (0)89 548 433 321
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-06-04 11:00:51 CEST