subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From danie...@apache.org
Subject svn commit: r1144720 - /subversion/site/publish/docs/release-notes/1.7.html
Date Sat, 09 Jul 2011 19:21:47 GMT
Author: danielsh
Date: Sat Jul  9 19:21:46 2011
New Revision: 1144720

URL: http://svn.apache.org/viewvc?rev=1144720&view=rev
Log:
Document a quick way to block 'svnrdump load'.

Via use of 'svnrdump load' anyone with commit access could create thousands of
revisions of history arbitrarily; consequently, server administrators may want
to prevent its unintentional or uncoordinated use.  (This problem doesn't exist
with svnsync, since the latter refuses to write to a non-empty repository.)

Suggested by: gstein
              me

* docs/release-notes/1.7.html
  (svnrdump): Add a hook script to block non-custom-compiled svnrdump instances.
    [ As an aside, we could in theory use the *_client_string API's for that,
      but that requires more invasive code changes. ]

Modified:
    subversion/site/publish/docs/release-notes/1.7.html

Modified: subversion/site/publish/docs/release-notes/1.7.html
URL: http://svn.apache.org/viewvc/subversion/site/publish/docs/release-notes/1.7.html?rev=1144720&r1=1144719&r2=1144720&view=diff
==============================================================================
--- subversion/site/publish/docs/release-notes/1.7.html (original)
+++ subversion/site/publish/docs/release-notes/1.7.html Sat Jul  9 19:21:46 2011
@@ -528,6 +528,25 @@ href="http://subversion.tigris.org/issue
  >issue #3546</a>), and the same <a href="#atomic-revprops">server-side
 workaround</a> is available.</p>
 
+<p>Server administrators who would like to block their users
+from committing via <tt>svnrdump load</tt> may do so by installing the
+following <tt>pre-revprop-change</tt> script:</p>
+
+<pre>
+#!/bin/sh
+PROPNAME="$4"
+if [ "$PROPNAME" = "svn:rdump-lock" ]; then
+  echo "'svnrdump load' disabled by the server administrator" &gt;&amp;2
+  exit 1
+fi
+exit 0
+</pre>
+
+<p>This hook script suffices to protect repositories from <em>accidental</em>
use
+of <tt>svnrdump load</tt>.  It does not (and cannot) protect the server from

+users who intentionally recompile <tt>svnrdump</tt> in order to bypass this
+restriction.</p>
+
 </div>  <!-- svnrdump -->
 
 <div class="h3" id="patch">



Mime
View raw message