What I Learned from the apache.org Break-in
Posted Wednesday, April 14, 2010, at 5:01PM
Here’s my initial take-away after reading about the recent apache.org XSS-initiated break-in:
- If you’re going to allow caching of credentials (Subversion or otherwise) on a server, don’t use an account that shares credentials with any superuser account. Personally, I can’t think of a good reason for these credentials to be cached in the first place (except on a development machine). As an aside, by default, Mercurial doesn’t do this; I suppose the fact that every ‘svn commit’ is also a push makes this more “necessary” with Subversion.
- If you have an organization-wide login (say a Windows login that is automatically sync’ed with Subversion, your enterprise RDBMS, and who knows what else[1]), if at all possible use a different password on any server where you’ve got superuser access.
- All superuser accounts on servers should have different passwords; at a minimum, if you use a common password for superuser accounts across servers, don’t use this password for other accounts.
- Use Trac instead of Jira.[2]
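A concrete check for the first point, as an added example (not code from the original post): a POSIX shell script that audits a home directory on a server for cached Subversion credentials and reports whether caching is disabled, plus a hardening helper that turns caching off and removes what has already been cached. It relies on two things Subversion really does: cached passwords live under `~/.subversion/auth/svn.simple/`, and `store-passwords = no` in the `[auth]` section of `~/.subversion/config` stops the client from caching them. The function names and the throwaway demo home directory are my own; the hardening helper assumes there is no other configuration in `~/.subversion/config` worth preserving, because it overwrites the file.

```shell
#!/bin/sh
# Added example, not from the original post. Audits a home directory for
# cached Subversion credentials and can disable caching. Subversion stores
# cached passwords under ~/.subversion/auth/svn.simple/ and honours
# "store-passwords = no" in the [auth] section of ~/.subversion/config.

# audit_svn_cache HOME_DIR
# Prints one line per cached credential file and one line about the
# store-passwords setting. Returns 0 when nothing is cached and caching is
# disabled, 1 otherwise, so it can drive a cron job or a CI check.
audit_svn_cache() {
    home="$1"
    svndir="$home/.subversion"
    status=0

    # 1. Any credential files already cached?
    if [ -d "$svndir/auth/svn.simple" ]; then
        for f in "$svndir/auth/svn.simple"/*; do
            [ -f "$f" ] || continue
            echo "cached credential: $f"
            status=1
        done
    fi

    # 2. Is caching switched off in the client config?
    if [ -f "$svndir/config" ] &&
       grep -Eq '^[[:space:]]*store-passwords[[:space:]]*=[[:space:]]*no' "$svndir/config"; then
        echo "store-passwords = no (caching disabled) in $svndir/config"
    else
        echo "store-passwords not disabled in $svndir/config"
        status=1
    fi
    return "$status"
}

# harden_svn_cache HOME_DIR
# Removes any cached credential files and writes a minimal config that
# disables caching. Assumption: the existing config (if any) holds nothing
# else worth keeping, since this overwrites it.
harden_svn_cache() {
    home="$1"
    svndir="$home/.subversion"
    mkdir -p "$svndir/auth"
    rm -f "$svndir/auth/svn.simple"/* 2>/dev/null
    cat > "$svndir/config" <<'EOF'
[auth]
store-passwords = no
store-plaintext-passwords = no
EOF
}

# Constructed demonstration: a throwaway home directory holding one
# placeholder cached-credential file, audited before and after hardening.
demo=$(mktemp -d)
mkdir -p "$demo/.subversion/auth/svn.simple"
echo "constructed placeholder, not a real svn.simple record" \
    > "$demo/.subversion/auth/svn.simple/0123abcd"
if audit_svn_cache "$demo"; then
    echo "demo: clean"
else
    echo "demo: findings present, hardening"
    harden_svn_cache "$demo"
    audit_svn_cache "$demo" && echo "demo: clean after hardening"
fi
rm -rf "$demo"
```

Run `audit_svn_cache /home/someuser` over each home directory on a server that should never hold cached credentials (a loop over `/home/*` works); a non-zero exit is the finding. The hardening helper is the blunt form of the fix and is fine for a server account that only ever needs the `[auth]` settings; on a developer workstation you would edit the existing config instead of replacing it.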
That’s a bare minimum; I’m still thinking about how vulnerable the organization I work for might be. Most of this probably seems obvious, but I’m betting that these and other less-than-best practices are extremely common.
[1] This is a purely hypothetical scenario. ;)
[2] Just kidding?