开发者

SVN access/security concern

开发者 https://www.devze.com 2022-12-22 23:17 出处:网络
I\'m considering using a third party hosting company to house an SVN repository.(I\'m looking at Dreamhost but this may apply to other hosts as well.)

I'm considering using a third party hosting company to house an SVN repository. (I'm looking at Dreamhost but this may apply to other hosts as well.)

The hosting company sets up the repository at http://svn.yourdomain.com/path. The problem I have noticed is that a开发者_如何学Cnyone could come along and export the files using:

svn export http://svn.yourdomain.com/path

Obviously I will need to export the files myself, but is there a way to secure this on a shared host so others don't have the ability to export this over http? Or is the real solution to manage your own SVN server?

Thanks for your thoughts.


From your other comments, you are running into Subversion caching your authentication. See the section in the book that covers caching of passwords.


Subversion has a built-in ACL system. Your repository is going to be protected by a username/login challenge.

Authentication is pretty fine-grained, you can specify read / commit / both access for every single directory in the repository.


Dreamhost allow you to password protect your repository. As should any other host that you're paying for (some of the free ones won't let you).


With DreamHost, you can easily setup username/password protection using this guide. (See point 3.3) However, I don't know how secure this is, as I believe it uses basic HTTP authentication, which transmits credentials in plain text.

0

精彩评论

暂无评论...
验证码 换一张
取 消