[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Adding ACL support was Re: SV: Accessing different revs via Apache?

From: Noel Yap <yap_noel_at_yahoo.com>
Date: 2002-10-14 01:39:07 CEST

> There are two types of ACLs:
>
> 1. ACLs of the versioned resource: Here I think of
> POSIX ACLs, or even
> extended attributes. These should be versioned. I do
> not remember having
> read anything about these on this list, only about
> X-flags.

I'm not sure how useful this would be since such
things are usually done upon install. OTOH, if
something like this were done, I would agree that
since these are attributes of the versioned object,
they should also be versioned.

> 2. ACLs controlling access to the repository: Some
> time ago there was a
> discussion on the list that came to the conclusion
> that versioning those
> would probably not make much sense, except maybe for
> a kind of group (as
> in project members) property which could be used as
> an identifier for
> non-versioned ACLs. Or did I get that wrong?

I would have no problems with versioning membership
information so long as the permissioning always uses
the latest version of the list.

OTOH, I seem to recall reading that permissioning
would be done using role-based access control (RBAC).
For example, the following info would be kept per
resource:
1. User u0 would have role r0 on element e0.
2. Role r0 would have certain defined permissions on
e0.

Am I recalling correctly? Or would it really be more
like POSIX ACLs?

Thanks,
Noel

__________________________________________________
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos & More
http://faith.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Oct 14 01:39:44 2002

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.