[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Could svn check permissions?

From: John Peacock <jpeacock_at_rowman.com>
Date: 2003-09-05 19:32:26 CEST

Greg Hudson wrote:

>>1) Add a new option to 'svnadmin create'
>> --group=ARG : create repository as group ARG
>
>
> We cannot set the group permissions of a BDB database without looking
> under the covers.

This part I don't understand. When creating the repository, why is it not
appropriate to create it with something other than the default current user
rights? This is a _new_ database, so nothing is be changed "under the covers"
but rather overtly, and only in response to a specific request from the user. I
could trivially write a wrapper for svnadmin which would perform the chmod/chown
after the file creation (exactly as documented in the book). Why is that not
available to svnadmin itself?

Isn't it possible to use setgid() to change the group ID of the current process
only (in this case the svnadmin)? Of course, a nonpriveledged account could
only switch to one of the groups, but a priveledged user could switch to any
group/user for the duration of the svnadmin call. Once the process GID has been
changed, the calls to BDB will have the correct effect, won't they?

I have to confess, I come already poisoned with the Dan Bernstein way of doing
things. In order to install a program that is intended to run as a user, you
must specify the user/group that will be run as during the initialization. Then
all files/directories are set appropriately.

>>2a) Alter svn to always set umask S_IRUSR, S_IWUSR, S_IRGRP, and S_IWGR prior to
>>opening the database (will this work?);
>
>
> libsvn_fs is a library. It cannot in good conscience modify global
> process state. (We can't even get away with modifying it and setting it
> back again when we're done, because of threads.)

While it is true that libsvn_fs is a library, it is a mediating library, by
which I mean that no access to the database happens except through that library,
or am I wildly misunderstanding the architecture. Since all roads lead through
libsvn_fs, there are no thread issues per se since every thread will set the
same umask settings before opening the database.

Am I misunderstanding umask() (the C library version) then? Does that not
change the umask for the current process, which would then be inherited when
calling the BDB library?

John

-- 
John Peacock
Director of Information Research and Technology
Rowman & Littlefield Publishing Group
4501 Forbes Boulevard
Suite H
Lanham, MD  20706
301-459-3366 x.5010
fax 301-429-5748
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Sep 5 19:33:10 2003

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.