Re: How much libsvn_repos wrap around the libsvn_fs

From: Michael Wood <mwood_at_its.uct.ac.za>
Date: 2002-12-27 07:58:51 CET

On Thu, Dec 26, 2002 at 03:02:44PM -0600, Karl Fogel wrote:
> "Nitin Shukla" <nitinshukla@infotech.stph.net> writes:
> > Apache can handle request for remote svn client. We can solve the
> > problem of Access Control with your approach. But how do we go about
> > handling the local svn client requests? One approach seems to be the
> > hook programs but currently they are not sufficient hook programs to
> > provide read, write control.
>
> Nitin, are you aware that local (`ra_local') access control is
> ultimately governed by OS file permissions? Even if Subversion had
> ACLs, they would only be secure over ra_local with a friendly client.
> Anyone could bypass the access control with a little ingenuity.
>
> There's really no way around this problem, if the client is on the
> same machine as the repository.

In other words, ra_local is insecure by design if you want multiple
people to access it and also have access restrictions to certain parts
of the tree etc.

I suppose people should use ra_svn instead if they want a "local"
repository with ACLs. (Of course ra_svn isn't really local, but you
could run it on the same machine as the clients.)

(er... in case anyone's wondering, I do know that ACLs aren't yet
implemented :)

-- 
Michael Wood <mwood@its.uct.ac.za>
Received on Fri Dec 27 08:00:04 2002
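
An added example, not part of the original message or of Subversion: because ra_local access is bounded only by OS file permissions, the effective access list for a local repository is whatever the mode bits on its files grant. The sketch below reports every entry under a repository directory that accounts other than the owner can read or write directly. It assumes POSIX mode bits only (no POSIX ACLs or parent-directory checks), and the function names and sample file are hypothetical.

```python
import os
import stat
import sys
import tempfile

# Mode bits that let an account other than the owner touch a file directly.
CHECKS = [
    (stat.S_IWOTH, "world-writable"),
    (stat.S_IROTH, "world-readable"),
    (stat.S_IWGRP, "group-writable"),
    (stat.S_IRGRP, "group-readable"),
]

def access_beyond_owner(path):
    """Return labels for the non-owner access granted by path's mode bits."""
    mode = os.lstat(path).st_mode
    if stat.S_ISLNK(mode):
        return []  # a symlink's own mode bits are not what the OS enforces
    return [label for bit, label in CHECKS if mode & bit]

def audit_repo_permissions(repo_path):
    """Map each entry under repo_path (relative path) to its non-owner access."""
    paths = [repo_path]
    for root, dirs, files in os.walk(repo_path):
        paths += [os.path.join(root, name) for name in dirs + files]
    report = {}
    for path in paths:
        labels = access_beyond_owner(path)
        if labels:
            report[os.path.relpath(path, repo_path)] = labels
    return report

if __name__ == "__main__":
    if len(sys.argv) > 1:
        target = sys.argv[1]  # the reader's own repository path
    else:
        # Constructed sample tree (not a real Subversion layout).
        target = tempfile.mkdtemp()
        sample = os.path.join(target, "sample.db")
        open(sample, "w").close()
        os.chmod(sample, 0o664)
    for rel, labels in sorted(audit_repo_permissions(target).items()):
        print(f"{rel}: {', '.join(labels)}")
```

Any account listed here reaches the repository files without going through Subversion at all, so a path-based rule enforced by a server process would not apply to it.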

This is an archived mail posted to the Subversion Dev mailing list.