
Re: single file checkout

From: Ryan Schmidt <subversion-2008c_at_ryandesign.com>
Date: Sun, 2 Nov 2008 23:39:58 -0600

On Nov 2, 2008, at 20:23, David L wrote:

> On Sun, Nov 2, 2008 at 12:34 PM, Ryan Schmidt wrote:
>
>> The file protocol is not appropriate for a production repository, or when
>> multiple users are accessing it. It provides zero security. Anyone can take
>> your entire repository home and easily circumvent any access policy you may
>> have set, and anyone can browse the repository location in Windows Explorer
>> or any other file browser and accidentally or intentionally delete the
>> entire thing, or only delete specific older revisions, or replace data, or
>> alter your hook scripts or do anything else, which you might not notice
>> until it's too late.
>>
>> Since the FAQ is non-specific, I'll clarify: you can host an FSFS repository
>> on NFS (if your NFS server is set up right) in that you can access the
>> repository that way from a single computer that will then run apache or
>> svnserve to serve the repository to others over http or svn protocols. The
>> FAQ is not implying that multiple users should try to access an NFS-hosted
>> repository directly over the file protocol.
>
> Thanks for clearing that up. I still don't understand why we're any safer with
> svn+ssh. The svn book recommends "to place every potential repository user
> into a new svn group, and make the repository wholly owned by that group".
> If all users can ssh into the svn+ssh host and are all in the group svn, can't
> they do any of the evil things that you mentioned they could do with the
> file protocol? It doesn't seem like once they've logged into the svn+ssh
> host there is anything to prevent them from using the file protocol.

That is true, unless you restrict them to only accessing the
repository (and denying them shell access) as shown here:

http://svnbook.red-bean.com/en/1.5/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sshtricks.fixedcmd

Received on 2008-11-03 06:40:40 CET
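
The restriction referred to in the reply above is set per key in the server account's `authorized_keys` file. The following is an added example, not part of the original message or of the Subversion book: a small audit that flags keys which are not pinned to `svnserve -t` or which still allow a pty or forwarding. The user names, the `/var/svn` root, the key bodies and the function names are constructed placeholders, and the check assumes the forced command begins with `svnserve -t`.

```shell
#!/bin/sh
# Added example: flag authorized_keys entries that still grant a shell.

# Constructed sample; users, paths and key bodies are placeholders.
write_sample() {
  cat > "$1" <<'EOF'
# harry: plain key, logs in to a normal shell
ssh-rsa AAAAB3PLACEHOLDER1 harry@example.com
# sally: pinned to svnserve tunnel mode, no pty, no forwarding
command="svnserve -t -r /var/svn --tunnel-user=sally",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3PLACEHOLDER2 sally@example.com
# joe: forced command, but pty and forwarding are still allowed
command="svnserve -t --tunnel-user=joe" ssh-rsa AAAAB3PLACEHOLDER3 joe@example.com
EOF
}

# Prints "line N: reason" for each weak entry; exit status 1 if any found.
audit_authorized_keys() {
  awk '
    /^[ \t]*(#|$)/ { next }    # skip comments and blank lines
    {
      # Text before the key type is the options field (empty if none).
      if (!match($0, /(ssh-(rsa|dss|ed25519)|ecdsa-sha2-[a-z0-9-]+) /)) {
        printf "line %d: unrecognised entry\n", NR; bad = 1; next
      }
      opts = substr($0, 1, RSTART - 1); lo = tolower(opts)
      if (opts !~ /command="svnserve -t[ "]/) {
        printf "line %d: no forced svnserve -t command, key grants a shell\n", NR
        bad = 1; next
      }
      # "restrict" (OpenSSH 7.2+) implies all four no-* options.
      missing = ""
      if (lo !~ /(^|,)restrict(,| |$)/) {
        n = split("no-pty no-port-forwarding no-agent-forwarding no-x11-forwarding", need, " ")
        for (i = 1; i <= n; i++)
          if (index(lo, need[i]) == 0) missing = missing " " need[i]
      }
      if (missing != "") { printf "line %d: missing%s\n", NR, missing; bad = 1 }
    }
    END { exit bad + 0 }
  ' "$1"
}

# Demo on the constructed sample: reports lines 2 and 6.
sample=$(mktemp)
write_sample "$sample"
audit_authorized_keys "$sample" || echo "weak entries found"
rm -f "$sample"
```

Only an entry like sally's keeps the account from being used for a login shell, which is what closes the route back to the file protocol.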

This is an archived mail posted to the Subversion Users mailing list.
