RE: svn commit: r1363336 - /subversion/trunk/notes/authz_policy.txt

From: Kamesh Jayachandran <kamesh_at_collab.net>
Date: Thu, 19 Jul 2012 19:58:53 +0530

small typo.

-he or see
+he or she

With regards
Kamesh Jayachandrancmpilato_at_apache.org wrote:Author: cmpilato
Date: Thu Jul 19 13:54:38 2012
New Revision: 1363336

URL: http://svn.apache.org/viewvc?rev=1363336&view=rev
Log:
* notes/authz_policy.txt
Â (REVISION PROPERTIES): It's been years, but document the reasoning
Â Â Â behind revprop access gating at all, noting specifically why we
Â Â Â don't care about a user's write access to changed paths when
Â Â Â considering revprop get/set acccess.

Modified:
Â Â Â subversion/trunk/notes/authz_policy.txt

Modified: subversion/trunk/notes/authz_policy.txt
URL: http://svn.apache.org/viewvc/subversion/trunk/notes/authz_policy.txt?rev=1363336&r1=1363335&r2=1363336&view=diff
==============================================================================
--- subversion/trunk/notes/authz_policy.txt (original)
+++ subversion/trunk/notes/authz_policy.txt Thu Jul 19 13:54:38 2012
@@ -111,6 +111,21 @@ WHAT USERS SHOULD EXPECT FROM PATH-BASED
Â Â Â This situation is quite annoying for people who can't read all the
Â Â Â changed-paths.

+Â Â Notice that for the purposes of gating read and write access to
+Â Â revision properties, Subversion never considers the user's *write*
+Â Â access to the changed-paths.Â To understand the reason behind this,
+Â Â it helps to understand why revprop access is gated at all.
+Â Â Subversion assumes that revprops for a given revision -- especially
+Â Â the log message (svn:log) property -- are likely to reveal paths
+Â Â modified in that revision.Â It is precisely because Subversion
+Â Â tries not to reveal unreadable paths to users that revprop access
+Â Â is limited as described above.Â So as long as the user has the
+Â Â requisite read access to the changed-paths, it's okay if he or see
+Â Â lacks write access to one or more of those paths when attempting to
+Â Â set or change revprops -- the information Subversion is trying to
+Â Â protect through its revprop access control is considered safe to
+Â Â reveal to that user.
+

6. KNOWN LEAKAGE OF UNREADABLE PATHS
Received on 2012-07-19 16:24:35 CEST

This message: [ Message body ]
Next message: C. Michael Pilato: "Re: svn commit: r1363336 - /subversion/trunk/notes/authz_policy.txt"
Previous message: Kamesh Jayachandran: "RE: [BUG] Revprop edits are checked for read access."
Next in thread: C. Michael Pilato: "Re: svn commit: r1363336 - /subversion/trunk/notes/authz_policy.txt"
Reply: C. Michael Pilato: "Re: svn commit: r1363336 - /subversion/trunk/notes/authz_policy.txt"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]