Disabling Inheritance in Authz
We have a client that is looking to be more secure in their authz
files. Right now, they have a directory structure that they need to enable
access to a particular directory but to none of the subdirectories below.
The current authz mechanism could be quite tedious to facilitate this and is
easily worked around by adding a new directory to version control that has
not yet been disallowed in the authz. I have an idea that I would like to
run by you as an enhancement to Subversion and that is to allow the authz
file to specify whether or not an access control policy is recursive.
Another idea is to allow for more complex specification of the repository
paths affected by an access control policy, like the ability to use
wildcards or negation. I'm sure I'm not the first to bring this up and so I
didn't want to immediately create a feature request. Can someone discuss
this with me, possibly even offline, so that I can get an idea of what has
been proposed and/or what is being worked on? This will help me better
decide what approach to take with this client and/or the Subversion team.
Received on Fri Dec 8 20:05:13 2006
This is an archived mail posted to the Subversion Dev