[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: issue #2712 ("svnserve authz permissions problem")

From: David Glasser <glasser_at_davidglasser.net>
Date: Sat, 12 Jan 2008 00:46:22 -0500

On Jan 12, 2008 2:18 AM, Karl Fogel <kfogel_at_red-bean.com> wrote:
> kfogel_at_tigris.org writes:
> > Author: kfogel
> > Date: Fri Jan 11 20:07:41 2008
> > New Revision: 28875
> > Log:
> > Test more of issue #2712 ("svnserve authz permissions problem"):
> >
> > * subversion/tests/cmdline/authz_tests.py
> > (authz_svnserve_anon_access_read): Test switch and merge, thus
> > implicitly testing diff (via merge). Switch passes, but merge
> > fails, so...
> > (test_list): ...mark above as XFail for now.
>
> See the issue for the patch-in-progress. I had to time out tonight,
> but Vlad, if you see where to take this patch, please take it there!
>
> I ran into issue #2712 while trying to construct a test for some
> mergeinfo authz checks on the reintegrate, sigh :-).

For the record, I can't get at tigris right now (that's the planned
outage?) but if #2712 is the thing I think it is (anon-access=read +
paths with no read-access for anonymous lead to the user never
authenticating and thus silently failing to see things that could have
been seen), major incompatible changes in the svnserve protocol would
be required to actually fix it; a client-side hack of giving the user
a way to say "no really, don't send ANONYMOUS even if the server will
accept it, I have the credentials to log in" would be an easier fix.

--dave

-- 
David Glasser | glasser@davidglasser.net | http://www.davidglasser.net/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-01-12 07:14:41 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.