"C. Michael Pilato" <cmpilato_at_collab.net> writes:
>> Why should access restrictions prevent someone from merely anchoring an
>> RA session at a particular URL, and then running log requests based from
>> that anchor? The access controls should, of course, limit what
>> responses come back from the request, but I don't see why they should
>> prevent what Martin assumes "might not be permissible".
>
> Consider a situation in which mod_dav_svn (not mod_authz_svn) is
> configured to disallow any read access to paths outside of /trunk.
> Before Subversion even gets the chance to field a log REPORT request
> aimed at the root of the repository, mod_dav_svn prevents the request
> from succeeding.
That's what I'm questioning. Why does mod_dav_svn behave like this?
Because it's easier to implement?
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-06-03 21:03:24 CEST