Re: Could svn_backend check permissions?

Greg Hudson <ghudson@MIT.EDU> writes:

>> I don't think we need to worry about violating the abstraction. A
>> simple filesystem enumeration just means that the ambient user has
>> access to files in the repository.
>
> Well, I think it's possible to shunt the logfiles off to a different
> directory, and that would prevent a simple directory enumeration from
> working.

Verifying that access will work involves checking the data files, the
environment files and the log files at the very least. The location
of both the data files and the log files can be customised, see BDB
documentation of set_data_dir and set_lg_dir.

A couple of other things to bear in mind:

- In normal use a user needs to be able to create new log files,
verifying that this is possible involves checking directory
permissions all the way back to root. I don't know whether failure to
create a log file affects only the one user, I assume the transaction
will fail, or whether it will lead to a need for database recovery.

- BDB may create temporary files, although I don't know if Subversion
causes any temporary files to be created. The location can be
customised, see set_tmp_dir, and once again I don't know if failure to
create such a file affects just the single user or whether it will
lead to need for database recovery.

-- 
Philip Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org