On Fri, 2010-07-09 at 11:44 -0400, Stefan Sperling wrote: > As far as I can tell there is little we can do to secure svnserve > against this attack on Windows systems other than Server 2003, > because APR won't let us set the SO_EXCLUSIVEADDR option.
That's okay, we don't want the SO_EXCLUSIVEADDR behavior. We want the default behavior under Windows, which corresponds to the SO_REUSEADDR behavior under Unix.
