[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Authz on Collection of Repositories (was: Expansion of authz policy name leak)

From: Stefan Sperling <stsp_at_elego.de>
Date: Tue, 23 Oct 2012 14:48:29 +0200

On Tue, Oct 23, 2012 at 04:29:51PM +0400, Ivan Zhakov wrote:
> >> I'm working on the patch to list only readable repositories. There is
> >> already TODO comment in the code by cmpilato:
> >> subversion\mod_dav_svn\repos.c:3461
> >> [[[
> >> /* ### TODO: We could test for readability of the root
> >> directory of each repository and hide those that
> >> the user can't see. */

> I'm going to create small patch to just fix this problem and probably
> refactor later in separate commit.

What about users who are allowed to see a subtree of the repository but
not the root? Shouldn't such users be allowed to list the repository?
Received on 2012-10-23 14:49:18 CEST

This is an archived mail posted to the Subversion Dev mailing list.