Hi, Am Freitag, den 07.09.2007, 10:59 +0200 schrieb Florian Weimer: > * Joachim Breitner: > >> I think mounting the file system no-exec covers that. IIRC, > >> Subversion directly executes the hook scripts, and this will fail in > >> that case. > > > > Then this should be mentioned in the file. I also think that this is > > quite a high hurdle: Admins that want that can surely re-compile > > scponly. > > It's mentioned in the file (item 7), but I agree that this is not the > target group of the Debian package.
Sorry, didn’t read it all. > > For the rest, the debian package should come without svn > > support. The README.Debian could describe the disabled features, and > > under what circumstances they are save, and how best to recompile > > scponly. > > The package could create two binaries, one that supports just > scp/sftp, and another one for the rest. Sounds good, but that’s up to the maintainer. Thomas, are you reading this? > For the stable security update, it's probably best to just disable > Subversion/Unison/rsync. I agree. Greetings, Joachim -- Joachim "nomeata" Breitner Debian Developer [EMAIL PROTECTED] | ICQ# 74513189 | GPG-Keyid: 4743206C JID: [EMAIL PROTECTED] | http://people.debian.org/~nomeata
