subversion-users mailing list archives

From "Bert Huijben" <b...@qqmail.nl>
Subject RE: Bug report: The auto-props setting of svn:mime-type is impossible to avoid.
Date Sun, 04 Oct 2015 22:06:59 GMT
> -----Original Message-----
> From: Stefan Sperling [mailto:stsp@elego.de]
> Sent: zondag 4 oktober 2015 22:01
> To: Branko Čibej <brane@apache.org>
> Cc: users@subversion.apache.org
> Subject: Re: Bug report: The auto-props setting of svn:mime-type is
> impossible to avoid.
> 
> On Sun, Oct 04, 2015 at 09:16:04PM +0200, Branko Čibej wrote:
> > On the other hand, I am surprised that the logic that uses libmagic
> > isn't turned off with 'enable-auto-props=no'. After all, using libmagic
> > is just a convenient extension to the definitions in the [auto-props]
> > section.
> 
> Recall that the idea was to make setting svn:mime-type convenient.
> 
> Before we added this feature, people had to fiddle with their client
> config, know what MIME-types are about, what useful values to set
> them to, and keep their config consistent across all systems they
> used since libmagic support pre-dates the svn:autoprops feature.
> In a sane universe, almost nobody would ever bother setting it up that way.
> 
> I am not opposed to the idea, though. But not because of the fairly
> minor configurability issues raised in this thread. Rather, because
> the more I learn about how libmagic actually works, the more potentially
> dangerous, from the security point of view, it seems to be.
> The libmagic parser could potentially cause security problems whenever
> people are adding untrusted files to SVN. Which is a good reason to make
> this feature opt-in.

I would support changing Subversion to -by default- disable this feature, unless it is enabled
in the configuration (or some flag passed to 'svn add' in 1.10+).

I'm not sure if I would call it a security problem when a user adds a file of their choosing
to Subversion though :-)


This whole discussion -in its many iterations- is one of the reasons why I never looked at
enabling this feature on Windows.

	Bert

