[Discuss] Setup An SVN Repository server
Bill Bogstad
bogstad at pobox.com
Tue Jan 28 11:50:57 EST 2014
On Tue, Jan 28, 2014 at 11:20 AM, Edward Ned Harvey (blu)
<blu at nedharvey.com> wrote:
>> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
>> bounces+blu=nedharvey.com at blu.org] On Behalf Of John Malloy
>>
>...
> If you're going to grant ssh to the server anyway, then you might as well do svn over ssh. If you *don't* want to grant ssh access to the machine, then you're probably better off going with http/https.
And to be clear, allowing ssh access to the svn command does not have
to mean giving easy shell access. Here's a web page that documents
two ways to restrict execution access via ssh:
http://www.wallix.org/2011/10/18/restricting-remote-commands-over-ssh/
Note: I said "easy shell access". I don't know if there is some way
to get a shell via svn (whether buffer overflow or legitimate
but obscure command). If you really need to protect against criminal
mischief (as opposed to just user error); you should obviously vet any
method carefully.
Bill Bogstad
More information about the Discuss
mailing list