[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Authz on Collection of Repositories (was: Expansion of authz policy name leak)

From: Ivan Zhakov <ivan_at_visualsvn.com>
Date: Tue, 23 Oct 2012 15:24:30 +0400

On Thu, Oct 18, 2012 at 2:06 PM, Thomas Ã…kesson <thomas_at_akesson.cc> wrote:
> There was a discussion in April 2010 regarding the "fix" for issue 2753.
> http://svn.haxx.se/dev/archive-2010-04/0277.shtml
>
[...]

>
> During the 2010 discussion Mike suggested something that we (Simonsoft)
> would be very happy to see implemented:
>
> In a perfect world, I would expect that requests to the parent directory
> would not be authz-denied, but that each repository in the listing of
> repositories would be authz-checked against the authz configuration. In
> other words, say I have a parent-path with three repositories: calc, watch,
> lamp. And say I have an authz file like so:
>
> [lamp:/]
> * =
>
> I would expect that a request to the parent directory would yield a listing
> that included the 'calc' and 'watch' repositories, but not the 'lamp' one.
>
>
Hi Thomas,

I'm working on the patch to list only readable repositories. There is
already TODO comment in the code by cmpilato:
subversion\mod_dav_svn\repos.c:3461
[[[
    /* ### TODO: We could test for readability of the root
            directory of each repository and hide those that
            the user can't see. */
]]]

-- 
Ivan Zhakov
Received on 2012-10-23 13:25:26 CEST

This is an archived mail posted to the Subversion Dev mailing list.