[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Bikeshed: configuration override order

From: Bob Archer <Bob.Archer_at_amsi.com>
Date: Fri, 6 Aug 2010 14:28:11 -0400

> On Fri, Aug 6, 2010 at 1:13 PM, Greg Hudson <ghudson_at_mit.edu>
> wrote:
> > On Fri, 2010-08-06 at 13:50 -0400, Hyrum K. Wright wrote:
> >> I'm doing some more thinking about repository-dictated
> configuration,
> >
> > I get nervous when I see people talk about repository-dictated
> > configuration as an extension of the general configuration
> framework.
> >
> > There are a lot of things a repository should not be able to
> configure
> > for trust reasons--in particular, what commands the client runs.
> áWhen
> > you check out material from a repository, you are not handing
> over the
> > keys to your machine or account, just retrieving content. áIn
> fact, I
> > think there are only a few specific configuration variables which
> a
> > repository should be able to influence, such as mime-type
> recognition.
>
> Agree with the general point, but it raises another point: which
> values are acceptable for overriding? Are they hardcoded or
> configurable (if configurable, that kinda defeats the point, since
> they'd have to be configured locally)? White list? Black list?
>
> Would a hard-coded list be something that depends on application
> (corporate vs. open source vs. some other deployment)?
>
> -Hyrum

As I said in a previous email, you might want to consider looking at the asp.net configuration and how that is done. They have a configuration hierarchy and inheritence. You can specify the scope of the configuration items and also you can restrict inheritence on certain items.

http://msdn.microsoft.com/en-us/library/ms178685.aspx

Of course, since svn is open source... it would be possible to create a client that would ignore inheritance restrictions with a few // characters in the source code. I guess an enterprise client would want to compile there own client and sign it and only allow signed clients to access the repository or something to mitigate that kind of stuff.

But really why do people want this. I think it is so some settings like auto-props and other things that need to be set for a specific project will take place without having to distribute a config or send an email with "make sure you add this to your config" type of warning from a pre-commit hook that notices certain properties are missing for certain file types.

BOb
Received on 2010-08-06 20:28:49 CEST

This is an archived mail posted to the Subversion Dev mailing list.