subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject svn commit: r1144720 - /subversion/site/publish/docs/release-notes/1.7.html
Date Sat, 09 Jul 2011 19:21:47 GMT
Author: danielsh
Date: Sat Jul  9 19:21:46 2011
New Revision: 1144720

Document a quick way to block 'svnrdump load'.

Via use of 'svnrdump load' anyone with commit access could create thousands of
revisions of history arbitrarily; consequently, server administrators may want
to prevent its unintentional or uncoordinated use.  (This problem doesn't exist
with svnsync, since the latter refuses to write to a non-empty repository.)

Suggested by: gstein

* docs/release-notes/1.7.html
  (svnrdump): Add a hook script to block non-custom-compiled svnrdump instances.
    [ As an aside, we could in theory use the *_client_string API's for that,
      but that requires more invasive code changes. ]


Modified: subversion/site/publish/docs/release-notes/1.7.html
--- subversion/site/publish/docs/release-notes/1.7.html (original)
+++ subversion/site/publish/docs/release-notes/1.7.html Sat Jul  9 19:21:46 2011
@@ -528,6 +528,25 @@ href="
  >issue #3546</a>), and the same <a href="#atomic-revprops">server-side
 workaround</a> is available.</p>
+<p>Server administrators who would like to block their users
+from committing via <tt>svnrdump load</tt> may do so by installing the
+following <tt>pre-revprop-change</tt> script:</p>
+if [ "$PROPNAME" = "svn:rdump-lock" ]; then
+  echo "'svnrdump load' disabled by the server administrator" &gt;&amp;2
+  exit 1
+exit 0
+<p>This hook script suffices to protect repositories from <em>accidental</em>
+of <tt>svnrdump load</tt>.  It does not (and cannot) protect the server from

+users who intentionally recompile <tt>svnrdump</tt> in order to bypass this
 </div>  <!-- svnrdump -->
 <div class="h3" id="patch">

View raw message