On Apr 25, 2005, at 8:19 AM, Andrew Thompson wrote:
> Faller, Gyula wrote:
>> - the third most important is ACLs. Yes, I know, if we would
>> use
>> Apache instead of svnserve, we got some degree of this, but why we
>> should use Apache for a subversion feature?
>
> I have been trying to figure out why a single repository is considered
> *good*, yet we can't limit access to portions of it without a third
> party application.
>
Yes, the developers would like to see ACLs within the repository itself
someday. But I'm not sure where this attitude of turning noses at "3rd
party application" comes from.
For Subversion 1.0, our decision was that access-control happened at
the server level. As I see it, there aren't any 3rd-party applications
doing authorization:
* both svnserve and mod_dav_svn have the ability to launch pre-commit
hooks to enforce authorization. Neither of those are 3rd-party tools;
the hook functionality is part of the core svn codebase.
* mod_authz_svn is a module to do authorization all by itself. It's
not a 3rd party tool, and it's also part of the core svn codebase.
Apache is no more a "3rd party application" than any other depenency,
like neon for example. Should we feel ashamed for not inventing our
own http library? How about SSL support, was it bad to force users to
get openssl too? Where does one draw the line?
The idea was not to spend years reinventing wheels.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Apr 25 15:52:40 2005