[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Blocking root from SVN repository

From: Stefan Sperling <stsp_at_elego.de>
Date: Wed, 27 Aug 2014 15:23:37 +0200

On Wed, Aug 27, 2014 at 07:49:30AM -0500, Les Mikesell wrote:
> On Wed, Aug 27, 2014 at 6:36 AM, D'Arcy J.M. Cain <darcy_at_vex.net> wrote:
> > I have read the posts about trying to deal with an untrusted root. I
> > know that there is no point in even trying. That's not my issue. My
> > issue is that sometimes I accidentally commit as root and files get
> > changed to root ownership blocking normal access to the repository.
> > All I want is something that recognizes root and prevents the commit. I
> > don't care if it is easily overcome by root as long as root can choose
> > not to do so. In other words, a warning would be good enough.
> >
> It's basically a bad idea to use file:// access at all for anything
> that might be used under multiple user ids.

Yes. The file:// URLs are intended for testing purposes, *not* production.

That said, a one-line pre-commit hook script could check its UID and
disallow the commit if it is invoked as root:
if [ "`whoami`" == "root" ]; then exit 1; fi
Received on 2014-08-27 15:24:22 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.