Hi Stefan,
Stefan Sperling writes:
> > > Remote "load" seems scary -- How can I prevent my users from being
> > > able to use this command? Is the original author of the dumped
> > > revision preserved, or is the author set to the user doing the load?
> > > Can users do anything else bad, like changing repo UUID?
> >
> > Again, I expect that access control/ security is automatically taken
> > care of in the RA layer. `svnrdump load` is just like a user making
> > some changes and committing them one by one except the author and
> > timestamp in the dumpfile are preserved. Why would you want to block
> > this?
>
> Please verify this with testing, instead of just assuming that it works
> (not entirely sure if you are simply assuming, but it sounds a bit like it).

I've tested it briefly, but not rigorously. I'll write some unit tests soon.

> Do we already have unit tests for svnrdump which check for authz interactions?
> (A quick look into svnrdump_tests.py suggests that we don't.)

No. I'll write them soon.

As Bert pointed out, most of the security/ access control issues
should be taken care of by the server. I'm more concerned about
correct error handling, and bailing out cleanly; for all I know, there
might be nothing to fix.
-- Ram
Received on 2010-08-20 07:08:03 CEST