Re: svnadmin create and not being method agnostic

From: Stefan Sperling <stsp_at_elego.de>
Date: Tue, 28 Dec 2010 18:24:09 +0100

On Tue, Dec 28, 2010 at 12:11:47PM -0500, Nico Kadel-Garcia wrote:
> As Stefan pointes out elsewhere, svnserve will run without an
> svnserve.conf. Perhaps it *shouldn't*, and the default svnserve.conf
> should be published as svnserve.conf.tmpl? That would force manual
> enabling of a service that should not be available by default.

svnserve reads the repository's svnserve.conf file when it receives
a client request concerning this repository. In other words, there is
nothing we can do in the repository-specific svnserve.conf file to prevent
svnserve from starting in the first place.

Also, I don't understand how starting svnserve would help an attacker
since to start svnserve the attacker would already need access to
the system.

Users with shell access to the system can of course run their own
svnserve instance on an unprivileged port (and svnserve runs on an
unprivileged port by default).
There is no way to prevent this. The user might even copy an svnserve
binary from a remote system and run it.
But the same is true for any other network daemon that can be run on
an unprivileged port.

Stefan
Received on 2010-12-28 18:24:59 CET

This message: [ Message body ]
Next message: Les Mikesell: "Re: svnadmin create and not being method agnostic"
Previous message: Nico Kadel-Garcia: "Re: svnadmin create and not being method agnostic"
In reply to: Nico Kadel-Garcia: "Re: svnadmin create and not being method agnostic"
Next in thread: Nico Kadel-Garcia: "Re: svnadmin create and not being method agnostic"
Reply: Nico Kadel-Garcia: "Re: svnadmin create and not being method agnostic"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]