[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Securing subversion on a shared server

From: Neil Aggarwal <neil_at_JAMMConsulting.com>
Date: Tue, 12 May 2009 09:46:18 -0500

I did not have the mode since I changed it.
You are probably correct the files
were mode 644.

I am using https to connect to the server.

The problem is that file mode 644 is still
readable by anyone with an account on the server.

I would like to make sure all files on the server
(The repository and any user-space files) are
mode x00.

So my question is: What directories do I need to secure?

I changed the repository directory and all files in
it to mode 700. I also changed the ~/.subversion
directory to mode 700.

Is there anything else I need to change?

Thanks,
        Neil

--
Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com
Eliminate junk email and reclaim your inbox.
Visit http://www.spammilter.com for details.  
> > It looks like subversion by default stores
> > the repository with file mode 755.  I am using
> > file system storage.
> 
> Normally 644.
> 
> > This also seems true of the .subversion directory
> > in the user's home directory.
> 
> Same 644 there.  Do you have an odd umask?
> 
> > If I am running subversion on a shared server,
> > I would like to make all subversion related files
> > owned by a daemon account and file mode 700.
> 
> Are you using file:// schema to connect to the server?
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2214805
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-05-12 16:47:29 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.