November 23rd, 2009, 07:41 PM
Safe mod_dav_svn and Lighttpd
I've been trying to setup a secure subversion repository using apache22 and mod_dav_svn, but could not find a reasonable way of denying other virtualhosts access to the repository.
I think I prefer mod_dav_svn over svn+ssh because of the logging and better access control, but i don't know how to authenticate with a mysql database without sasl.
I thought I could instead chroot a subversion apache and bind it to localhost only. Then setup lighttpd + php-fastcgi to satisfy my other httpd requirements and proxy a virtualhost with the local apache22.
Isn't there a better way of doing this?