On Fri, 2010-07-09 at 12:45 -0400, Stefan Sperling wrote: > It's the older Windows systems that will still have problems, > and I don't think we should be ignoring them (as much as I'd love > it if everyone just ditched Windows for good).
Is this really a concern on Windows systems? This is basically a privilege escalation attack, and my understanding is that privilege separation is rarely used to great effect on Windows servers like it often is on Unix (such as web hosts). Put another way: is there really a situation where malware is running on the same Windows server as an svnserve process where security is not already irretrievably compromised?
