Peter Samuelson wrote:
> [Jon Foster]
>> All he has to do is change the svn:sync-from-url property on the
>> mirror repository to be a file:// URL to the source repository,
>> rather than a http:// one. The correct file:// URL is probably
>> guessable.
>
> I'd never thought of this as a security problem, but I _do_ think it's
> a suboptimal design where a svnsync setup stores state on the mirrored
> repository which is relative not to the mirror, but to whoever is
> running svnsync.
>
>> Please can we change "svnsync sync" to allow both the source and
>> target URLs to be specified? That rather simple measure would block
>> this attack. Since svnsync is usually invoked from a script, typing
>> the extra URL isn't a problem.
>
> Yes, this sounds like a good design anyway, aside from the security
> question.
I'm coding right now along these lines.

-- 
C. Michael Pilato <cmpil...@collab.net>
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand
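The mitigation the thread converges on, as an added example that is not part of the thread and not Subversion's own code: a wrapper script for the cron job that runs svnsync. Before syncing, it reads the svn:sync-from-url revision property back from the mirror, refuses to proceed if it is not a remote scheme or differs from the source URL the operator configured, and then passes the source URL explicitly on the command line. The two-argument "svnsync sync DEST_URL SOURCE_URL" form is what the thread asks for and is present in later svnsync releases; the repository URLs, the script name and the function names are constructed for the example.

```shell
#!/bin/sh
# Constructed example (not from the thread or the Subversion project):
# run "svnsync sync" only after verifying that the source URL recorded
# on the mirror is the one the operator expects.
set -eu

# Return 0 if the source URL recorded on the mirror (svn:sync-from-url
# on revision 0) is byte-for-byte the URL the operator configured.
sync_source_matches() {
    expected="$1"
    recorded="$2"
    [ "$recorded" = "$expected" ]
}

# Return 0 only for remote schemes. file:// is rejected because a
# file:// source would make svnsync read whatever local repository the
# account running this script can reach.
sync_source_scheme_allowed() {
    case "$1" in
        http://*|https://*|svn://*|svn+ssh://*) return 0 ;;
        *) return 1 ;;
    esac
}

# Combined policy check; prints the reason for a refusal on stderr.
check_sync_source() {
    expected="$1"
    recorded="$2"
    if ! sync_source_scheme_allowed "$expected"; then
        echo "refusing: configured source '$expected' is not a remote URL" >&2
        return 1
    fi
    if ! sync_source_matches "$expected" "$recorded"; then
        echo "refusing: mirror records source '$recorded', expected '$expected'" >&2
        return 1
    fi
    return 0
}

# Read the recorded source from the mirror, apply the policy, then sync,
# giving svnsync the source URL explicitly instead of trusting the
# property stored on the mirror (the two-argument form from the thread).
guarded_svnsync() {
    mirror_url="$1"
    expected_source="$2"
    recorded=$(svn propget svn:sync-from-url --revprop -r 0 "$mirror_url")
    check_sync_source "$expected_source" "$recorded"
    svnsync sync "$mirror_url" "$expected_source"
}

# Usage: ./guarded-svnsync.sh MIRROR_URL EXPECTED_SOURCE_URL
# With no arguments the script only exercises the policy on constructed
# URLs, so it can be checked offline without svn or svnsync installed.
if [ "$#" -eq 2 ]; then
    guarded_svnsync "$1" "$2"
else
    check_sync_source "http://svn.example.org/repos" "http://svn.example.org/repos" \
        && echo "ok: matching remote source accepted"
    ! check_sync_source "http://svn.example.org/repos" "file:///var/svn/repos" 2>/dev/null \
        && echo "ok: file:// rewrite of svn:sync-from-url refused"
fi
```

The pre-check is worth keeping even once svnsync takes the source URL itself: a mismatch between what the mirror records and what the script was given is exactly the condition described above, and logging the refusal gives the operator a signal that someone with write access to the mirror's revision properties has been changing them.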