Malcolm Rowe wrote:
> On Mon, May 21, 2007 at 09:34:45AM -0400, C. Michael Pilato wrote:
>> Also, I can't conceive of any real harm in letting someone tweak the author
>> or date of a partially-accessible revision. Okay, maybe if there's some
>> custom script in place that emails committers weekly the full log messages
>> of all the commits they made that week ("Subject: What You Did Last Week"),
>> this would let someone claim a revision that wasn't his and possibly see
>> privileged svn:log information when that email hits. But I think that's a
>> stretch.
>>
>
> You're right, that seems unlikely.
>
> Given that we already have revprop change hooks, aren't you actually
> asking: "should Subversion force a read-only policy for the partial
> access case"? And given that, I'd say the answer is emphatically not:
> there are some policies that are worth enforcing in the core, but this
> doesn't seem like one of them - let the hook dictate the policy, it's
> what it's there for.
Sorry to be annoying, but are you advocating a staged write access in the
core that matches our staged read access -- the "if you can see it, you can
change it" policy? Or are you saying we should leave all write-blocking to
the hooks?
> (Now, if you want to make a case that the hook should have an easy way
> to _detect_ this partial-access case, I completely agree, but that's a
> different discussion...)
Oh, I've already got a patch ready for commit that does the easy-detection
(for scripts that use the APIs/bindings. :-) That's no sweat.
--
C. Michael Pilato <cmpilato@collab.net>
CollabNet <> www.collab.net <> Distributed Development On Demand
Received on Mon May 21 16:22:22 2007