Bug 238347 - dev-util/subversion-1.5.2.ebuild: repository permissions are too broad
Summary: dev-util/subversion-1.5.2.ebuild: repository permissions are too broad
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Development
Hardware: All Linux
Importance: High normal
Assignee: Benedikt Böhm (RETIRED)
Reported: 2008-09-22 01:52 UTC by Peter Kolbus
Modified: 2008-11-16 14:25 UTC

Attachments
subversion-1.5.4.ebuild.patch (subversion-1.5.4.ebuild.patch,3.55 KB, patch)
2008-11-12 01:24 UTC, Arfrever Frehtes Taifersar Arahesis (RETIRED)
Description Peter Kolbus 2008-09-22 01:52:46 UTC
I'm setting up a svn server on top of Gentoo, and noticed that the default repository permissions are too broad.  To harden access:

1. The repository permissions in "svn over ssh" should be applied to all access types; namely that only root should be able to edit conf and hooks, and only svnusers can write the db.
2. It should be noted that the membership of the svnusers group should be limited as much as possible: to users svn (for svn:// access), apache (for access via apache2), and svn+ssh users (for local or svn+ssh access).
2a. It should also be noted that svnusers membership is not required to use svn locally to access repositories on other systems.
3. chmod -R o-rwx /var/svn. The world has no business reading svn data, and for svnserve access, there may be plaintext passwords present for all users.
4. Likewise, the umask for the wrapper should be 007 not 002.

If you prefer this as a patch to the ebuild, let me know...


Reproducible: Always

Steps to Reproduce:
1. emerge subversion
2. Read the elog output.
3. emerge --config subversion


Actual Results:  
A subversion repository was configured in an insecure manner.

Expected Results:  
The installation should have created a repository using the principle of least privilege.
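
Added example (not part of the bug report or the ebuild): a shell function that audits one repository directory against points 1 and 3 of the description above, which also catches files created under the 002 umask from point 4. It assumes the standard Subversion layout (conf/, hooks/, db/); SVN_CONF_OWNER and SVN_GROUP are hypothetical override variables introduced here.

```shell
#!/bin/sh
# Added example, not the ebuild's code. Audits one repository directory with
# the standard Subversion layout (conf/, hooks/, db/) against points 1 and 3.
# SVN_CONF_OWNER and SVN_GROUP are hypothetical overrides introduced here.

audit_svn_repo() {
    repo=$1
    owner=${SVN_CONF_OWNER:-root}
    group=${SVN_GROUP:-svnusers}

    findings=$(
        # Point 3: no path may carry any permission bit for other.
        # Files created under a 002 umask instead of 007 show up here too.
        find "$repo" \( -perm -004 -o -perm -002 -o -perm -001 \) |
            sed 's/^/world-accessible: /'

        # Point 1: conf and hooks are editable by the admin account only,
        # so flag a different owner or a group or other write bit.
        for d in conf hooks; do
            find "$repo/$d" \( ! -user "$owner" -o -perm -020 -o -perm -002 \) |
                sed 's/^/editable by non-admin: /'
        done

        # Point 1: db directories must belong to the repository group and
        # grant it rwx. Only directories are checked, to keep the check
        # independent of per-file modes inside db.
        find "$repo/db" -type d \( ! -group "$group" -o ! -perm -070 \) |
            sed 's/^/db not group-writable: /'
    )

    # One finding per line on stdout; exit status 1 when anything was found.
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}
```

Source the file and call `audit_svn_repo` with the repository directory; the owner check needs enough privilege to read the whole tree.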
Comment 1 Benedikt Böhm (RETIRED) gentoo-dev 2008-10-25 12:42:22 UTC
(In reply to comment #0)
> If you prefer this as a patch to the ebuild, let me know...

yes, please
Comment 2 Arfrever Frehtes Taifersar Arahesis (RETIRED) gentoo-dev 2008-11-12 01:24:13 UTC
Created attachment 171494 [details, diff]
subversion-1.5.4.ebuild.patch
Comment 3 Arfrever Frehtes Taifersar Arahesis (RETIRED) gentoo-dev 2008-11-12 01:27:31 UTC
(In reply to comment #0)
> 2. It should be noted that the membership of the svnusers group should be
> limited as much as possible: to users svn (for svn:// access), apache (for
> access via apache2), and svn+ssh users (for local or svn+ssh access).

The "svnusers" group is used only when svnserve (svn://) or svnserve+ssh (svn+ssh://) is used.
Apache uses user "apache" and group "apache".
Comment 4 Benedikt Böhm (RETIRED) gentoo-dev 2008-11-16 14:25:45 UTC
fixed, thanks