ct that most of the Subversion server usage is on POSIX-compliant
file systems which support the permissions for "others". But let's not
waste time to discuss this any further.
Bert Huijben wrote:
-Original Message-
From: Ivan Zahariev [mailto:rrdt...@famzah.net]
I think
You can always "chgrp $COMMON_GROUP .svn" directories and make all users
have this $COMMON_GROUP as their Group ID. This way they can still
share the ".svn" directories and still "others" (like the Web server)
won't be able to go in there.
You are right about the problem if someone chmod()'
y by the "owner" and "group") ?
You can review the full thread along with the security problem
description and a patch at the following address:
http://mail-archives.apache.org/mod_mbox/subversion-users/201001.mbox/%3c4b4b05e8.1060...@famzah.net%3e
Let me know what you think. Thanks.
Best regards,
Ivan Zahariev
3 matches
Mail list logo
