subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Brodbeck <bro...@uw.edu>
Subject Re: svnadmin create and not being method agnostic
Date Wed, 05 Jan 2011 18:59:59 GMT
On Tue, Jan 4, 2011 at 6:31 PM, Nico Kadel-Garcia <nkadel@gmail.com> wrote:

> It's *too* easy. Since the default svnserve.conf is very permissive,
> and because default svnserve is on an unprivileged port so any user
> can serve anyone else's "readable" repository to outside access,
> without the original author's knowledge or explicit consent.


Maybe I'm missing something here, but if someone has the ability to log into
the server, read the repository, and run arbitrary processes...can't they
just make a copy of the repository, create their own svnserve.conf in the
copy, and then do exactly the same thing?  I'm not sure you're improving
your security as much as you think you are just by removing svnserve.conf.
Even removing the svnserve binary won't necessarily help if users have
access to build tools.

If you're really worried about rogue users distributing files in violation
of company policy, you're going to have to keep them off the server, at a
minimum.  That doesn't solve the problem either -- you then have to start
worrying about what they do with their working copies -- but it prevents
them from running their own rogue Subversion servers, at least.

-- 
David Brodbeck
System Administrator, Linguistics
University of Washington

Mime
View raw message