[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Proposal for svnserve configuration

From: Garrett Rooney <rooneg_at_electricjellyfish.net>
Date: 2003-10-28 21:27:57 CET

Greg Hudson wrote:

> On Tue, 2003-10-28 at 15:20, Garrett Rooney wrote:
>>If I read your proposal correctly, there's
>>no way to tell the daemon mode server to be read only, while the
>>tunneled svnserve is read-write.
> Tunneled users are authenticated (using EXTERNAL), so setting
> anon-access=read and auth-access=write would accomplish this.

But in that case if you authenticate to the daemon mode server (via
CRAM-MD5 or something), you would still be able to write to the
repository via that server...

I suppose this isn't that big a deal, since if you're allowing read
access via the daemon, you probably aren't all that concerned about
sending data over the wire unencrypted, but I could envision scenarios
where it would matter, say if there were sections of the repository that
do require authentication for read access. It would be nice to have a
way to limit those to svn+ssh to ensure that sensitive data never goes
over the wire in the clear.


To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Oct 28 21:28:48 2003

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.