
Could svn_backend check permissions?

From: Marc Singer <elf_at_buici.com>
Date: 2003-09-05 04:14:49 CEST

1) Obviously, a permissions check, if there is one, belongs in the
   filesystem driver.

2) The cost of the check is minimal. Stat'ing a dozen files is cheap
   because the OS caches the data. Subsequent access by BDB will open
   the same files using the cached data.

3) The expense of not performing it is kinda high when we see how
   often permissions problems plague users. If Subversion isn't easy
   to use then it won't be used. Admonishing people for failing to
   read the documentation is a poor sales pitch.

4) AFAICT, there is no fix to be made in svnadmin because this isn't
   really a setup issue. People change the way that they use
   their repositories. Sometimes that new behavior, while valid in
   concept, isn't well executed. It would be *way* helpful if the
   program let the user know more explicitly what the problem is.

The HACKING guide suggests to me that the project bears the value of
sturdy design:

  Input validation is the act of defining legal input and rejecting
  everything else. The code must perform input validation on all
  untrusted input.

I asked the question to see if this has come up before. It appears
that it hasn't.

Received on Fri Sep 5 04:15:40 2003

This is an archived mail posted to the Subversion Dev mailing list.
