Ineiev wrote: > I have a hypothesis. I may have changed the permissions when > I modified sv_groups to create repositories of private groups > with less permissive access in November. gnueval was the only > private group using Subversion, so no other repositories were > affected.
I see that nothing more has happened on this issue since then. My bad that I have been busy with other things and not driving on this issue. What's the plan to address the security vulnerability by having this private directory in the public directory area? That's something that needs to be fixed. Otherwise it will always be a source of errors making private data public. And trying to keep it private will be an endless wack-a-mole of trying to block it. Bob
