Displaying 1 result from an estimated 1 matches for "preventing_svn_exposur".
Did you mean:
preventing_svn_exposure
2006 Aug 25
10
SVN security hole explained
Hi all,
If you are using Pound / Pen or another load balancer, I believe you
should read this:
http://blog.teksol.info/articles/2006/08/25/subversion-metadata-exposure-on-mongrel
My article refers to Dan Benjamin''s
http://hivelogic.com/articles/2006/04/30/preventing_svn_exposure
My point is that even though we are preventing Apache from serving
anything except a select few file extensions, Mongrel is serving up
the files behind the scenes.
So, http://myrailsapp.com/.svn/entries exposes Subversion metadata.
Go and read the posts, well worth the time:
http://blog.teksol....