On Thu, Dec 30, 2010 at 9:41 AM, Bob Archer <bob.arc...@amsi.com> wrote:
> Is there really that much overhead in deleting the binary and insuring the > correct permissions are used on the repository folders to "keep the honest, > honest?" After all, any one with root/administrator access is able to bypass > anything you've done anyway. That one's nasty. Since it runs on a "high numbered port", any user can run a binary to access it, at least as long as the repository folders are readable to that user. And since they are by default with the 'svnadmin hotcopy' and 'svnadmin create' commands, well, it gets difficult. It's concievable to set the umask inside 'svnadmin create' to be 077, and for 'svnadmin hotcopy' to replicate such permissions, but that would take a lot more work and especially a *lot* more testing. > It rather see the devs working on 1.7 WC features like a real "branch" > command, performance, etc, rather than adding a config option that nobody > will use. > > Also, if you want a more "secure" version of subversion package up your own > binaries that don't include svnserve... let the svn dev's work on the stuff > that we can't do with 3 or 4 lines of a batch/command file. > > BOb > That requires manual editing of the installer. Feasible for Subversion RPM's, but a bit awkward for many other developers, and bound to cause confusion.
