alitheg commented on issue #718: URL: https://github.com/apache/tooling-trusted-releases/issues/718#issuecomment-3991568981
Is it worth checking (I haven't looked at the SVN import code yet) that the import doesn't allow a user to (maliciously or accidentally) import the root of the SVN repo? If we know it's always a path, and since we know the structure at a high level of ASF's `svn:dist` repo, that's some level of protection against the "disk space exhaustion" risk it's concerned about? Of course, if someone's actual space in `svn:dist` is huge that's another matter. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
