Hello,
thanks for your answer.
While it is nice that you have concerns about my security in case I should have to deal with malicious servers,
I would prefer to have a choice. Maybe some setting wich allows me, based on the server URL (or if that's too
complicated for a start), to allow ../ in local externals paths or disallow this. With such a setting, SVN would
seamlessly allow us to use our current directory layout while maintaining the benefits of atimic checkins.
A colleague of mine who uses a similiar directory layout and currently uses CVS and would have to switch when our
SVN rollout happens now claimed that CVS supports this way of working (directory structure). If I'm not mistaken
SVN uses the claim "CVS done right". So it should support this, as this is a legitimate directory structure
And imposes no security problems in secure environments (eg. Our campus LAN with out local SVN server I administer).
What do I need to do to get this feature? Where do I need to lobby for it?
Best regards
Markus Humm
EB-EV
Entwicklung Elektronik
ebm-papst Mulfingen GmbH & Co. KG
Bachmühle 2
74673 Mulfingen
Phone.: +49 (7938) 81 531
Fax: +49 (7938) 81 9531
mailto: Markus.Humm_at_de.ebmpapst.com
http://www.ebmpapst.com
GreenTech - Ein Zeichen, mit dem wir Zeichen setzen. A symbol that defines standards.
-----Ursprüngliche Nachricht-----
Von: Daniel Shahaf [mailto:danielsh_at_elego.de]
Gesendet: Freitag, 2. März 2012 10:23
An: Humm, Markus
Cc: users_at_subversion.apache.org
Betreff: Re: Feature request: allow for relative working copy paths in svn:externals definition
Stefan Sperling wrote on Thu, Mar 01, 2012 at 17:27:52 +0100:
> On Thu, Mar 01, 2012 at 04:35:32PM +0100, Humm, Markus wrote:
> > In File
> >
> > »D:\Development\SVN\Releases\TortoiseSVN-1.7.5\ext\subversion\subver
> > sion\libsvn_wc\wc_db.c«, Zeile 2890: Assert-Anweisung schlug fehl
> > (svn_dirent_is_ancestor(wcroot->abspath, local_abspath))
> >
> > The local path of my svn:externals was this:
> > D:/u/svnexternaltest2/gemeinsamme_bibliotheken
> >
> > If I tried to use ../svnexternaltest2/gemeinsamme_bibliotheken instead Tortoise would detect that it contains a .. Or is a absolute path. Obviously either Tortoises or SVN's absolute path detection loginc is not 100% fool proof as well.
>
> Yes, this is a bug. Coincidentally this problem was discussed just today.
> See http://svn.haxx.se/users/archive-2012-03/0012.shtml
The assert is a bug, but the error is not. The code does not permit either absolute paths or paths containing ".." elements for security reasons. (to not allow a malicious server to create files in arbitrary places in the filesystem --- i.e., not under the wc root)
ebm-papst Mulfingen GmbH & Co. KG
Sitz der Gesellschaft: Bachmuehle 2, D-74673 Mulfingen
Kommanditgesellschaft Sitz Mulfingen: Amtsgericht Stuttgart HRA 590344
Komplementaer: Elektrobau Mulfingen GmbH, Sitz Mulfingen, Amtsgericht Stuttgart HRB 590142
Geschaeftsfuehrung: Hans-Jochen Beilke (Vorsitzender), Thomas Borst, Hans Peter Fuchs, Dr. Bruno Lindl, Thomas Wagner
Received on 2012-03-02 12:14:05 CET