[Ffmpeg-devel] CVS --> Subversion conversion, test repository
Tue May 23 15:31:22 CEST 2006
On Tuesday 23 May 2006 15:16, Diego Biurrun wrote:
> On Tue, May 23, 2006 at 01:30:37PM +0200, Christian Iversen wrote:
> > On Tuesday 23 May 2006 11:58, Diego Biurrun wrote:
> > > On Tue, May 23, 2006 at 01:16:10AM +0200, Christian Iversen wrote:
> > > > On Tuesday 23 May 2006 00:35, Diego Biurrun wrote:
> > > > Advantages:
> > > >
> > > > - Much, much easier to administer for several users
> > >
> > > Why would that be? svnserve configuration is not complex at all, while
> > > Apache problems can be devilish to debug.
> > Well, I don't agree completely there, but then again I set up apache
> > configurations for $$ :-)
> > Also, the subversion extension to apache allows much more fine-grained
> > control over user permissions. For instance, you could give a new
> > developer write access only to /trunk/somelib for a while, before giving
> > him rw on /trunk.
> You can do that with svnserve as well.
Really? I'm confused then. This is from svnbook:
"Notice that svnserve only understands ?blanket? access control. A user either
has universal read/write access, universal read access, or no access. There
is no detailed control over access to specific paths within the repository.
For many projects and sites, this level of access control is more than
adequate. However, if you need per-directory access control, you'll need to
use Apache instead of svnserve as your server process."
> > > > - Runs on apache, so it's a proven technology with a fair security
> > > > history.
> > >
> > > Apache is proven but surely not secure, just revisit its formidable
> > > list of security advisories. Besides Apache is huge and complex, which
> > > in itself is a contradiction to being secure. svnserve on the other
> > > hand is small and does just one thing. It's been in production use for
> > > enough time to call proven technology as well IMO.
> > In my defense, I wrote "fair", not "perfect" ;-)
> OK. Still Apache is something to worry about, it's not vsftpd ..
I'd worry about any internet-enabled program, but that's just me. I understand
your point though :-)
More information about the ffmpeg-devel