* Florian Weimer:
retitle 437148 "svn", "svnserve", "unison", "rsync" passthrough is unsafe
thanks

>   svn checkout (write arbitrary files)
>   svn export (write arbitrary files)

These two are non-issues because scponly relies on UNIX permissions to
restrict write access.

> Your example shows that "svnserve" isn't safe, either.

Similar tricks can be played with rsync (create an rsyncd.conf with a
pre-xfer exec or post-xfer exec option; start a daemon, and connect to
it) and unison (provided that you can create files in ~/.unison, which
is quite likely).
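
A defensive check for the rsync case described above, as an added example that is not part of the original message: it scans rsyncd.conf-style text, such as a file found in a restricted account's home directory, for the `pre-xfer exec` and `post-xfer exec` options. The function names and the sample config are constructed for illustration; matching ignores case and whitespace in option names as a conservative assumption.

```python
import re

# Options named in the message above, keyed by their normalised form
# (lower-cased, all whitespace removed).
HOOK_DIRECTIVES = {"pre-xferexec": "pre-xfer exec",
                   "post-xferexec": "post-xfer exec"}

def _logical_lines(text):
    """Yield lines with trailing-backslash continuations joined."""
    pending = ""
    for raw in text.splitlines():
        if raw.rstrip().endswith("\\"):
            pending += raw.rstrip()[:-1]
            continue
        yield pending + raw
        pending = ""
    if pending:
        yield pending

def find_exec_hooks(text):
    """Return (module, option, command) for each exec hook in the config text."""
    findings, module = [], "global"
    for line in _logical_lines(text):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        section = re.fullmatch(r"\[(.*)\]", line)
        if section:
            module = section.group(1).strip()
            continue
        name, sep, value = line.partition("=")  # only the first '=' splits
        if not sep:
            continue
        key = re.sub(r"\s+", "", name).lower()
        if key in HOOK_DIRECTIVES:
            findings.append((module, HOOK_DIRECTIVES[key], value.strip()))
    return findings

# Constructed sample input, not taken from the bug report.
SAMPLE = """\
# constructed sample
use chroot = no
[data]
    path = /home/user/data
    Pre-Xfer  Exec = /home/user/hook.sh
[other]
    post-xfer exec = /home/user/\\
cleanup.sh
"""
```

Any finding in a file the restricted user can write is a reason to treat the rsync passthrough as granting command execution.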

