> 2010/12/28 Thorsten Schöning <tschoen...@am-soft.de> > Guten Tag Philip Prindeville, > am Montag, 27. Dezember 2010 um 22:28 schrieben Sie: > > > In our case, we're setting up a secured source repository inside > > our network, for outside access (via port-forwarding on our > gateway). > In this scenario and if security is this important for you, then > why > not just use svnserve? > > I don't know what Philip's reasons are, but svnserve does have some > shortcomings that might make it unsuitable for sites that are > serious about security. The most obvious one is that it requires > passwords to be stored in cleartext in the repository passwd file > on the server.
You can use SASL with svnserver and you can use svn+ssh to tunnel through ssh which I hear is pretty secure. > Another one is its lack of any logging or auditing > capabilities. v1.6 added logging to svnserve. > > On the other hand, when you start using Apache you've got a whole > 'nother pile of code that can have security holes in it...so it's > really a matter of which risk you're more concerned about. yep, 6 of one... BOb > -- > David Brodbeck > System Administrator, Linguistics > University of Washington
