
RE: svnadmin create and not being method agnostic

From: Bob Archer <Bob.Archer_at_amsi.com>
Date: Tue, 11 Jan 2011 10:31:44 -0500

> > svnadmin create .\repository
> > svnserve -r .
> >
> > and a repository is created and served via svnserve. With the above
> > defaults, a third step is required, which can get tedious. I'd propose
> > enabling svnserve by default, and it can then be disabled if required. This
> > also maintains the ease of creating test scripts to try and reproduce
> > issues.
>
> It's *too* easy. Since the default svnserve.conf is very permissive,
> and because default svnserve is on an unprivileged port so any user
> can serve anyone else's "readable" repository to outside access,
> without the original author's knowledge or explicit consent. The
> default permissions of "svnadmin create" and "svnadmin hotcopy" are
> much too permissive, and the concatenation of separate "the admin
> should set these if they want" options creates a quite noticeable
> security risk.

Yes, well, aren't you still only keeping the honest people honest? Since svn is open source, anyone can edit the code so the check of servers.conf is a no-op and it serves anyway.

Why are you making your repository "readable" in the first place?

BOb
Received on 2011-01-11 16:32:25 CET
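The point raised above is that a freshly created svnserve.conf is permissive because svnserve treats a missing anon-access setting as "read". The following added check (example code, not part of this thread or of Subversion) reports the effective anon-access of a conf file; the two sample files are constructed here, and the default one only mirrors the shape of the stock file with every setting commented out.

```shell
#!/bin/sh
# Report the effective anon-access level of an svnserve.conf.
# svnserve applies "read" when the key is absent, so a stock file whose
# only anon-access line is the commented example grants anonymous read.
svnserve_anon_access() {
    awk '
        # Track whether the current line is inside the [general] section.
        /^[[:space:]]*\[/ { in_general = ($0 ~ /^[[:space:]]*\[general\]/); next }
        # Only an uncommented anon-access line counts; "# anon-access = read" does not.
        in_general && /^[[:space:]]*anon-access[[:space:]]*=/ {
            value = $0
            sub(/^[^=]*=[[:space:]]*/, "", value)
            sub(/[[:space:]]+$/, "", value)
        }
        END { print (value == "" ? "read" : value) }
    ' "$1"
}

# Constructed sample: the shape of the conf "svnadmin create" writes,
# with every setting left as a commented example.
WORK="$(mktemp -d)"
DEFAULT_CONF="$WORK/default-svnserve.conf"
HARDENED_CONF="$WORK/hardened-svnserve.conf"
cat > "$DEFAULT_CONF" <<'EOF'
[general]
### Every setting below is commented out, so svnserve uses its defaults.
# anon-access = read
# auth-access = write
# password-db = passwd
EOF

# Constructed sample: the same file after anonymous access is switched off.
cat > "$HARDENED_CONF" <<'EOF'
[general]
anon-access = none
auth-access = write
password-db = passwd
EOF

svnserve_anon_access "$DEFAULT_CONF"    # read
svnserve_anon_access "$HARDENED_CONF"   # none
```

Run it against a repository's conf/svnserve.conf to see which access level anonymous clients actually get rather than what the commented lines suggest.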
