[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Bug in pre-revprop-change hook calling (1.1.0rc1)

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2004-08-06 17:25:58 CEST

On Fri, 2004-08-06 at 09:36, Sven Mueller wrote:

> If I should fix it on the server side (which might not be possible,
> depending on the DAV protocol), I would do it this way:
> - On request to change a property:
> - Check AuthzSVNAccessFile, if it doesn't allow write for the
> anonymous user (""), require authentication

The real question here is: why isn't mod_authz_svn demanding
authentication when the client sends a PROPPATCH request (which is what
happens when you remotely set a revprop)?

Sander Striker, any idea?

Maybe, because the PROPPATCH request is on a baseline, something like:

   PROPPATCH /svn/testrepos/!svn/bln/30

... maybe dav_svn_split_uri() returns a repos_path of NULL, so
mod_authz_svn's check_access() function just allows it no matter what?

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Aug 6 17:27:06 2004

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.