Comment 7 for bug 10560

Message-ID: <email address hidden>
Date: Tue, 23 Nov 2004 20:38:59 +0000
From: Philip Martin <email address hidden>
To: Adrian 'Dagurashibanipal' von Bidder <email address hidden>
Cc: <email address hidden>, Wilfried Goesgens <email address hidden>
Subject: Re: Bug#282468: subversion binaries should be replaced through
 wrapper scripts to prevent users of keep on screwing their repositories

Adrian 'Dagurashibanipal' von Bidder <email address hidden> writes:

> On Monday 22 November 2004 12.28, Wilfried Goesgens wrote:
>> Package: subversion
>> Version: 1.0.9-2
>> Severity: serious
>>
>> as the subversion book states, one should create a wrapper script
>> arround the subversion binaries to keep them from screwing the berkley
>> db and their file permission.
>
> I think this is a bug in subversion - the svn binary should take care about
> this, and not require a wrapper script.

The problem with forcing umask to 002 (whether by wrappers or in the
binaries) is that it could be considered a security bug as it means a
user may inadvertently allow group write access to repositories that
should be private. It's quite likely that someone would raise a
release-critical bug demanding that their chosen umask be respected
and not forced to 002.

Even if the umask is forced to 002 problems will still arise if the
repository is accessed by some other method e.g. httpd via mod_dav_svn
or python via the bindings.

The non-BDB backend in Subversion 1.1 propogates repository
permissions to new files as such files are created by Subversion
directly.

--
Philip Martin