[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SVN+SSH access not advisable

From: Marko Käning <mk362_at_mch.osram.de>
Date: Fri, 25 Jul 2008 13:07:55 +0200 (CEST)

> That doesn't sound right. What exactly does it say, and where does it
> say it? I can't find anything like this.

Well, see Chapter six of the 1.4 SVN book on page 144:

If you have an existing infrastructure heavily based on SSH accounts, and
if your users already have system accounts on your server machine, then it
makes sense to deploy an svnserve-over-ssh solution. Otherwise, we don't
widely recommend this option to the public. It's generally considered
safer to have your users access the repository via (imaginary) accounts
managed by svnserve or Apache, rather than by full-blown system accounts.
If your deep desire for encrypted communication still draws you to this
option, we recommend using Apache with SSL instead.

My users must be members of a certain group. This groups gets full write
access to the corresponding repository files. So everything (seems) to
work fine. Perhaps it only seems so?

Perhaps I read the above in a wrong way: it is not recommended, but
perhaps it doesn't mean that it is forbidden...



To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-07-25 13:08:28 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.