
Re: Authz on Collection of Repositories (was: Expansion of authz policy name leak)

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: Tue, 23 Oct 2012 09:04:40 -0400

On 10/23/2012 08:48 AM, Stefan Sperling wrote:
> On Tue, Oct 23, 2012 at 04:29:51PM +0400, Ivan Zhakov wrote:
>>>> I'm working on the patch to list only readable repositories. There is
>>>> already TODO comment in the code by cmpilato:
>>>> subversion\mod_dav_svn\repos.c:3461
>>>> [[[
>>>> /* ### TODO: We could test for readability of the root
>>>> directory of each repository and hide those that
>>>> the user can't see. */
>
>> I'm going to create small patch to just fix this problem and probably
>> refactor later in separate commit.
>
> What about users who are allowed to see a subtree of the repository but
> not the root? Shouldn't such users be allowed to list the repository?

That would be ideal in a universe where Subversion's overall authz policy
was designed to accommodate it, but would today be entirely inconsistent
with our handling of in-repos paths. What would the repository root name
link to? A directory view they'd get 403'd on? Sorry, but at this time I
would oppose that (questionably) feature creep.

-- 
C. Michael Pilato <cmpilato_at_collab.net>
CollabNet   <>   www.collab.net   <>   Enterprise Cloud Development

Received on 2012-10-23 15:05:20 CEST
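The root-readability filter discussed in this message, as an added example that is not part of the original mail and is not mod_dav_svn code. It uses a simplified model of path-based authz (nearest ancestor section that names the user or `*` decides, with a user entry taking precedence over `*`); the function names, repository names and sample policy are constructed for illustration.

```python
import configparser

# Constructed sample policy, written in the authz file's [repo:/path] syntax.
SAMPLE_AUTHZ = """\
[public:/]
* = r

[payroll:/]
alice = rw

[mixed:/]
* =

[mixed:/docs]
bob = r
"""

def load_rules(text):
    """Parse the policy into {(repo, path): {principal: access}}."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.read_string(text)
    rules = {}
    for section in cp.sections():
        repo, _, path = section.partition(":")
        rules[(repo, path.rstrip("/") or "/")] = dict(cp[section])
    return rules

def can_read(rules, user, repo, path):
    """Simplified lookup: walk up from path; the first section that names
    the user (or '*') decides. No matching section means no access."""
    path = path.rstrip("/") or "/"
    while True:
        entries = rules.get((repo, path), {})
        for principal in (user, "*"):
            if principal in entries:
                return "r" in entries[principal]
        if path == "/":
            return False
        path = path.rsplit("/", 1)[0] or "/"

def list_collection(rules, user, repos):
    """Collection listing that hides repositories whose root is unreadable."""
    return [repo for repo in repos if can_read(rules, user, repo, "/")]

if __name__ == "__main__":
    rules = load_rules(SAMPLE_AUTHZ)
    for user in ("alice", "bob", "guest"):
        print(user, list_collection(rules, user, ["public", "payroll", "mixed"]))
```

In this sample, `bob` can read `/docs` inside `mixed` but not its root, so `mixed` is left out of his listing, which is the subtree-only case raised in the quoted question.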

This is an archived mail posted to the Subversion Dev mailing list.
