CVS-SVN Vulnerability

A vulnerability in CVS and Subversion, which allows remote compromise of machines that publish read-only repositories.

Security problems happen in complex code. It's an argument against version control systems that need custom protocols and special servers to publish code. Most of the distributed systems can do without this, and can make read-only repositories available through a static HTTP server. Arch and Darcs can do this. Monotone and Codeville seem to require their own servers.

We think this reduces security exposure because most projects are likely to have at least a static web site already. Adding read-only files containing the repository doesn't increase the surface of code in the web server that can be reached by an attacker.

To some extent you can simulate this under CVS or Subversion by copying code to a separate machine which provides a read-only public repository, but it's still a little more risky.