svnserve not strictly required?
Posted
by Kev
on Stack Overflow
See other posts from Stack Overflow
or by Kev
Published on 2010-03-12T21:24:50Z
Indexed on
2010/03/12
21:27 UTC
Read the original article
Hit count: 334
I was reading the Red Bean book and noticed this paragraph:
Do not be seduced by the simple idea of having all of your users access a repository directly via file:// URLs. Even if the repository is readily available to everyone via a network share, this is a bad idea. It removes any layers of protection between the users and the repository: users can accidentally (or intentionally) corrupt the repository database, it becomes hard to take the repository offline for inspection or upgrade, and it can lead to a mess of file permission problems (see the section called “Supporting Multiple Repository Access Methods”). Note that this is also one of the reasons we warn against accessing repositories via svn+ssh:// URLs—from a security standpoint, it's effectively the same as local users accessing via file://, and it can entail all the same problems if the administrator isn't careful.
I realized that, since I'm the only one accessing the repository, ever, none of these caveats seem to apply. Can I safely down svnserve
then and only ever have to worry about upgrading my TortoiseSVN client, not both the client and the server whenever there's a new version out?
(I've tried it already--just needed to use the Relocate feature to switch from svn:// to file://--but I wanted to make sure something wouldn't be sneaking up on me if I left it this way.)
© Stack Overflow or respective owner