• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 434
  • Last Modified:

SVN repository files are accessible in Apache for some reason...

Hopefully this is a quick one.

I am setting up a new SVN Repository.  It's a brand new CentOS 6.4 server installed with the "Basic Server" option, and then I installed the subversion and mod_authz and some ldap packages.

My SVN home directory is /var/www/svn/, and my repository is called "mystuff", so the actual repository files are available at /var/www/svn/mystuff

My /etc/httpd/conf.d/subversion.conf is below:

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

<Location /repos>
   DAV svn
   SVNParentPath /var/www/svn

   AuthType Basic
   AuthName "Please login with your LDAP account details"
   AuthBasicProvider ldap
   AuthLDAPBindPassword "(REDACTED)"
   Require ldap-group (REDACTED)

Open in new window

When I go to http://xxx.xxx.xxx.xxx/repos/mystuff I successfully am prompted for authentication, and then I see the SVN repository.

Accessing the repository works as expected
HOWEVER, if I go to http://xxx.xxx.xxx.xxx/mystuff I am presented with the raw repository database files in the /var/www/svn/mystuff ! Without authentication!

Accidental access to the repository files

I'm totally stumped. I never specified anywhere in my config that this should be the case, I don't understand why I can access the repository files directly like that. And I'm sure it's a security issue.

Anybody know what's going on?

  • 2
1 Solution
Frosty555Author Commented:
Okay I was just stupid...

In a previous failed attempt, I accidentally called "svnadmin create" and make an empty SVN repository called "mystuff" in the /var/www/html/ folder.

It's amazing how just writing out the question and posting it here helped me come to the answer. Rubber duck debugging, huh?
Frosty555Author Commented:
see comments above
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

A proven path to a career in data science

At Springboard, we know how to get you a job in data science. With Springboard’s Data Science Career Track, you’ll master data science  with a curriculum built by industry experts. You’ll work on real projects, and get 1-on-1 mentorship from a data scientist.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now