[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: RFC: Subversion security model in need of update

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: Thu, 12 Mar 2009 14:18:37 -0400

Mark Phippard wrote:
> On Thu, Mar 12, 2009 at 1:39 PM, C. Michael Pilato <cmpilato_at_collab.net> wrote:
>> Ben Collins-Sussman wrote:
>>> This is the *best* explanation I've ever seen of the problem. Mucho
>>> applause! So much easier to understand. I agree with everything you
>>> said.
>>> I don't have any brilliant ideas about the 2 showstoppers right now,
>>> but it's great to have it all laid out like this.
>> I've filed issue #3380 for tracking the necessary overhaul, and will toss an
>> item into tasks.html for this.
> Changing the security model seems relatively straight forward and I
> imagine the only real barrier to just doing it is that the current WC
> leaks too much information in the entries file. So what exactly is
> the RFC about? Ideas about how to make the WC less leaky? Whether
> the current leakage is OK? or something else?

Well, I'd certainly like to solve the leakage problem, but gstein has me
convinced that that's not really possible. The RFC was mostly aimed at
changing the security model. And lo and behold, you commented on that very

C. Michael Pilato <cmpilato_at_collab.net>
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand

Received on 2009-03-12 19:18:54 CET

This is an archived mail posted to the Subversion Dev mailing list.