[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SVN-DEV HELP NEEDED: What to do about the ra-get-log interface

From: Karl Fogel <kfogel_at_red-bean.com>
Date: Tue, 03 Jun 2008 15:02:59 -0400

"C. Michael Pilato" <cmpilato_at_collab.net> writes:
>> Why should access restrictions prevent someone from merely anchoring an
>> RA session at a particular URL, and then running log requests based from
>> that anchor? The access controls should, of course, limit what
>> responses come back from the request, but I don't see why they should
>> prevent what Martin assumes "might not be permissible".
> Consider a situation in which mod_dav_svn (not mod_authz_svn) is
> configured to disallow any read access to paths outside of /trunk.
> Before Subversion even gets the chance to field a log REPORT request
> aimed at the root of the repository, mod_dav_svn prevents the request
> from succeeding.

That's what I'm questioning. Why does mod_dav_svn behave like this?
Because it's easier to implement?

To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-06-03 21:03:24 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.