On Mon, May 21, 2007 at 09:34:45AM -0400, C. Michael Pilato wrote:
> Also, I can't conceive of any real harm in letting someone tweak the author
> or date of a partially-accessible revision. Okay, maybe if there's some
> custom script in place that emails committers weekly the full log messages
> of all the commits they made that week ("Subject: What You Did Last Week"),
> this would let someone claim a revision that wasn't his and possibly see
> privileged svn:log information when that email hits. But I think that's a
> stretch.
>
You're right, that seems unlikely.
Given that we already have revprop change hooks, aren't you actually
asking: "should Subversion force a read-only policy for the partial
access case"? And given that, I'd say the answer is emphatically not:
there are some policies that are worth enforcing in the core, but this
doesn't seem like one of them - let the hook dictate the policy, it's
what it's there for.
(Now, if you want to make a case that the hook should have an easy way
to _detect_ this partial-access case, I completely agree, but that's a
different discussion...)
Regards,
Malcolm
- application/pgp-signature attachment: stored
Received on Mon May 21 16:17:48 2007