> Portsnap uses secured access for getting updates out of Subversion The portsnap open source project pulls data insecurely using the url svn://svn.freebsd.org.
The server-side code of the FreeBSD portsnap system -- a closed source fork of the open source portsnap project -- happens to use secured access for pulling data from svn. This is not a trivial point. > whereas doing "svn co" remotely generally does not. Without knowing usage statistics there is no way to describe a "general" use case for `svn co`. The security of access of that command is entirely dependent on how it is parameterized. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
