> 2010/12/28 Thorsten Schöning <tschoening_at_am-soft.de>
> Guten Tag Philip Prindeville,
> am Montag, 27. Dezember 2010 um 22:28 schrieben Sie:
>
> > In our case, we're setting up a secured source repository inside
> > our network, for outside access (via port-forwarding on our
> gateway).
> In this scenario and if security is this important for you, then
> why
> not just use svnserve?
>
> I don't know what Philip's reasons are, but svnserve does have some
> shortcomings that might make it unsuitable for sites that are
> serious about security. The most obvious one is that it requires
> passwords to be stored in cleartext in the repository passwd file
> on the server.
You can use SASL with svnserver and you can use svn+ssh to tunnel through ssh which I hear is pretty secure.
> Another one is its lack of any logging or auditing
> capabilities.
v1.6 added logging to svnserve.
>
> On the other hand, when you start using Apache you've got a whole
> 'nother pile of code that can have security holes in it...so it's
> really a matter of which risk you're more concerned about.
yep, 6 of one...
BOb
> --
> David Brodbeck
> System Administrator, Linguistics
> University of Washington
Received on 2010-12-29 16:29:54 CET