Hacker News new | past | comments | ask | show | jobs | submit login

.

It's especially bad because svn puts a .svn in each directory. With e.g. mercurial or git, you can tuck the (visible) site in a subdirectory of the repo itself (project/pages), and the .hg/.git (project/.hg|project/.git) won't be accessible.

Of course the best option is still to use exports and symlinks.




Of course, it's not too tricky to configure, say, Apache to block access to all the .svn directories:

http://www.subversionary.org/martintomes/preventing-access-t... http://blog.samdevore.com/archives/2006/05/01/hivelogic-prev...


Case in point to complement my previous post:

http://fr.php.net/.svn/entries secure

http://fr2.php.net/.svn/entries open


It's not, but if you ever forget to set this config anywhere, you're hosed.

The ideal way is to not take the risk in the first place. You can't forget something you don't have to do.


Spot on. Even with proper auth rules it would still trouble me knowing I had my source exposed to the world. I'm a big fan of exports and now, thanks to you and masskin(sp?), really digging the symlinks idea.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: