> > svnadmin create .\repository > > svnserve -r . > > > > and a repository is created and served via svnserve. With the > above > > defaults, a third step is required, which can get tedious. I'd > propose > > enabling svnserve by default, and it can then be disabled if > required. This > > also maintains the ease of creating test scripts to try and > reproduce > > issues. > > It's *too* easy. Since the default svnserve.conf is very > permissive, > and because default svnserve is on an unprivileged port so any user > can serve anyone else's "readable" repository to outside access, > without the original author's knowledge or explicit consent. The > default permissions of "svnadmin create" and "svnadmin hotcopy" are > much too permissive, and the concatenation of separate "the admin > should set these if they want" options creates a quite noticeable > security risk.
Yes, well aren't you still only keeping the honest people honest? Since svn is open source anyone can edit the code so the check of servers.conf is a no-op and it serves anyway. Why are you making your repository "readable" in the first place? BOb
