[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: passwd file permissions with svn+ssh

From: Kristian Kauper <kkauper_at_au.yahoo-inc.com>
Date: Wed, 30 Apr 2008 10:57:33 +1000

Greg, I'd love to tackle the patch, but probably don't have time in the
near future. Anyone else (with probably much more knowledge of the
system the I have!) want to give it a go?

-K

Karl Fogel wrote:
> Greg Hudson <ghudson_at_MIT.EDU> writes:
>> Long answer: from the server's viewpoint, svnserve sees that it has been
>> executed in "tunnel mode" (-t) which means the EXTERNAL auth mechanism
>> is available to the client. This mechanism allows the client to
>> authenticate by fiat, providing no additional credentials. "I already
>> proved to you who I am, let's move on." In theory, the client could
>> ignore EXTERNAL and choose to authenticate to a different user by
>> username/password. Our client never chooses to do this, but the server
>> code allows it. In that case, svnserve would need access to the
>> password file. Since that's not an authentication scenario most people
>> are interested in (or one our client supports), such access is not
>> generally important.
>
> Thank you for the clear explanation.
>
> So, Kristian Kauper... would you like to write the patch? It's okay to
> say no, of course, but we'd be remiss not to ask :-). See
>
> http://subversion.tigris.org/hacking.html#patches
>
> if you're not familiar with the patch submission guidelines already.
>
> Best,
> -karl
>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-04-30 17:17:46 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.