[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Is our revprop auth policy too strict?

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: 2007-05-21 20:18:31 CEST

Garance A Drosihn wrote:
> At 6:05 AM -0400 5/21/07, Michael Sinz wrote:
>>
>> I wonder if this is correct. Just because you can see part of the commit
>> information, does that mean it is safe or correct to be able to change
>> it?
>> Given that the user can not access all of the commit information, I would
>> think it is improper to allow changes to even those values that can be
>> seen.
>> After all, it may be very incorrect.
>
> As I understand it, the debate is what behavior subversion should allow
> by default. I think it makes the most sense to leave the default as it
> is, because the owner of any repository can provide wider access if they
> believe that is appropriate.

That's not as true as you might like to think.

With the current behavior, the way an owner of a repository provides wider
access to a user's ability to tweak, say, the svn:date property, would be to
grant him/her read access to all the paths changed in the revision. If
you're scratching your head and wondering, "Why in the world would the admin
have to grant path access just to let someone change a revision property?",
then you're at the same place my head is. (Welcome. Nice to have you.) :-)

> If the default behavior of svn is changed such that committers have
> write-access to all revision properties, then they can change those
> properties in whatever way they want, and the admin of the repo may
> never realize that it's happening. Given that the revision-properties
> are not versioned, I personally think this is a bad thing.

I agree. And fortunately, that scenario isn't even close to what's being
proposed here.

Subversion's default behavior is to disallow revprop changes entirely.
That's definitely the safest default given the fact that revprops aren't
versioned, and is not up for debate. This thread is about something much
more specific than "all committers" or "all revprops", though. I think
you've missed some (all?) of the key portions of the discussion here.

-- 
C. Michael Pilato <cmpilato@collab.net>
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand

Received on Mon May 21 20:18:39 2007

This is an archived mail posted to the Subversion Dev mailing list.