Re: [SVN-DEV] Re: svn auth

From: Greg Stein <gstein_at_lyra.org>
Date: 2001-08-24 22:20:47 CEST

On Fri, Aug 24, 2001 at 04:08:33PM -0400, C. Scott Ananian wrote:
> On Fri, 24 Aug 2001, Greg Stein wrote:
>
> > I think you should learn more about the existing Apache authentication and
> > determine where/how that fails what you have in mind. It would /not/ be good
> > for SVN to go and develop a complete, secondary auth system when the front
> > line of our server is Apache. Integrating the auth system tightly with
> > Apache will be the best thing for admins out there. Maintaining multiple
> > auth systems is one of the bigger problems for an admin.
>
> But what about local repositories? Surely *some* secondary auth system is
> required.

Nope. If you have write access to the Berkeley DB (as you must for a local
repository), then you can circumvent any authorization system. Therefore, we
aren't even going to try to put one in place -- it would give people a false
sense of security.

(note: in the local case, authentication is already done: your login; it is
*authorization* that we're talking about at that point... this thread is
wavering back and forth between authentication and authorization...)

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Sat Oct 21 14:36:37 2006

This message: [ Message body ]
Next message: Greg Stein: "Re: [SVN-DEV] RE: Auth in ra_dav"
Previous message: C. Scott Ananian: "Re: [SVN-DEV] Re: svn auth"
In reply to: C. Scott Ananian: "Re: [SVN-DEV] Re: svn auth"
Next in thread: C. Scott Ananian: "Re: [SVN-DEV] RE: Auth in ra_dav"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]