[nSLUG] dll hijacking remedies create pain for POSIX OS's

George N. White III gnwiii at gmail.com
Thu Sep 2 12:31:54 ADT 2010


On Thu, Sep 2, 2010 at 10:33 AM, Ben Armstrong
<synrg at sanctuary.nslug.ns.ca> wrote:

> On 09/02/2010 10:16 AM, George N. White III wrote:
>> For about a week, our Mac OS X systems have, not surprisingly, had
>> problems with svn:
>> $ /opt/local/bin/svn up
>> svn: PROPFIND of '/repository/macports/trunk/dports': Could not read
>> status line: Connection reset by peer (http://svn.macports.org)
>>
>
> What does that 'svn up' script do anyway?

Not really a script -- "svn up" just updates the metadata repository
which contains the instructions for installing packages and sometimes
small patches.    The preferred mechanism uses rsync, but that
is blocked by the firewall here, so we use http.

> Normally if I have write access to a repo outside of the local network,
> I would use svn+ssh protocol to access it, and if access is read-only
> and no anonymous svn+ssh is provided, then use svn.
>
> But the error message above seems to indicate http protocol.  This is a
> less than wonderful way to deliver the material, as it is not really
> efficient.  Any project that only offers svn via http protocol should be
> urged to consider offering one of the alternatives as the rest of the
> world does.

The macports people aren't really the problem -- it is the large
organizations that only allow http thru the firewall (and now have
decided to break http in order to protect Windows from itself --
it really _IS_ better to loose svn's http support than to be on an
intranet infested with Windows malware).  What other
legit uses of PROPFIND have been blocked?

-- 
George N. White III <aa056 at chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia



More information about the nSLUG mailing list