
Re: [ANNOUNCE] svnrdump: A new dumper/ loader in trunk

From: Ramkumar Ramachandra <artagnon_at_gmail.com>
Date: Fri, 20 Aug 2010 10:35:21 +0530

Hi Stefan,

Stefan Sperling writes:
> > > Remote "load" seems scary -- How can I prevent my users from being
> > > able to use this command? Is the original author of the dumped
> > > revision preserved, or is the author set to the user doing the load?
> > > Can users do anything else bad, like changing repo UUID?
> >
> > Again, I expect that access control/ security is automatically taken
> > care of in the RA layer. `svnrdump load` is just like a user making
> > some changes and committing them one by one except the author and
> > timestamp in the dumpfile are preserved. Why would you want to block
> > this?
>
> Please verify this with testing, instead of just assuming that it works
> (not entirely sure if you are simply assuming, but it sounds a bit like it).

I've tested it briefly, but not rigorously. I'll write some unit tests soon.

> Do we already have unit tests for svnrdump which check for authz interactions?
> (A quick look into svnrdump_tests.py suggests that we don't.)

No. I'll write them soon.

As Bert pointed out, most of the security/ access control issues
should be taken care of by the server. I'm more concerned about
correct error handling, and bailing out cleanly; for all I know, there
might be nothing to fix.

-- Ram
Received on 2010-08-20 07:08:03 CEST

This is an archived mail posted to the Subversion Users mailing list.
