[HCoop-Discuss] Subversion security issue
Omry Yadan
omry at yadan.net
Sat Nov 4 05:17:00 EST 2006
Nathan Kennedy wrote:
> Paul Anderson wrote:
>
>> On 11/3/06, Omry Yadan <omry at yadan.net> wrote:
>>
>>
>>> an alternative solution is to run a local apache as yourself, and proxy
>>> to it from the shared one.
>>>
>>>
>>>
>> Oooh, bad bad bad. No proxying:) I'm not fond of having individual
>> users running their own apache. It adds to the load on the machine,
>> although I'm not familiar with the hardware specs we're dealing with.
>> There are some options available with custom tunnels that are vastly
>> to be preferred, and much more lightweight on the server.
>>
>>
> I'm not at all a fan of it either, for the saem sort of reasons, but the
> fact is we have several users doing just that. I think it should be a
> matter of last resort,
I agree, and just for the record, I have been working on getting svn to
work the way I want it to on hcoop for sevrral whole evenings, maybe a
total of 15 -20 hours.
> but if that's the only way to securely
> accommodate something, it's better than someone going elsewhere for
> their needs. Saying to switch to darcs or some other software is not
> solving the issue.
>
agree again - personally I am not going to switch to anything else any
time soon.
> Unrelated note: We may want to offer Xen VPS's sometime in the future
> after migrating, which would be an option for users with a lot of
> advanced needs beyond shared hosting and who can shell out a little more.
>
I might be a candidate for something like that, given that the cost is
not much higher.
> In the meantime it would be great if we could figure out a way to get
> shared SVN through Apache to work, obviously allowing users to run code
> as www-data is very problematic.
>
see my other message to the list.
Omry.
More information about the HCoop-Discuss
mailing list