AW: Web site: checkout or export?
From: Markus Schaber <m.schaber_at_3s-software.com>
Date: Wed, 27 Jul 2011 14:57:43 +0200
Von: Andy Canfield [mailto:andy.canfield_at_pimco.mobi]
> - Using 'svn checkout', the working web site will have the subversion
You could use some pattern based access control (Apache is very configurable in that respect) to prevent remote access to all pathes containing .svn in their url.
And the security hole should be not that large, as the .svn directory usually does not contain any authentication information.
Subversion 1.7 will further improve on that situation, you only have a single .svn directory then. And you can use the trick of directing the webserver to a subdir of your working copy, so the .svn directory is completely out of the web servers path.
Mit freundlichen Grüßen
3S-Smart Software Solutions GmbH
Geschäftsführer: Dipl.Inf. Dieter Hess, Dipl.Inf. Manfred Werner | Handelsregister: Kempten HRB 6186 | USt-IDNr.: DE 167014915
This is an archived mail posted to the Subversion Users mailing list.