[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: reposurgeon now writes Subversion repositories

From: Daniel Shahaf <d.s_at_daniel.shahaf.name>
Date: Fri, 30 Nov 2012 18:03:26 +0200

Eric S. Raymond wrote on Fri, Nov 30, 2012 at 10:17:39 -0500:
> Ben Reser <ben_at_reser.org>:
> > Precisely. I was under the impression that he wanted something that
> > was user controlled and had nothing to do with the authentication to
> > display as the author.
>
> Maybe I'm confused. Or perhaps we're using "authentication" in
> different senses on different levels. I think there's a question I
> should have asked sooner...
>
> Normally, access to the Subversion repositories I use is actually authenticated
> via an ssh key used for login to the server host. I'm not sure in what sense
> the username field actually contributes any security-relevant information
> in a setup like that. Does it?

It does yes, if the server has ForceCommand='svnserve -t' configured
in sshd, then path-based authz and/or "anon-access=none" can be
meaningfully set up --- and these key off of the svn-level authenticated
username (as opposed to the OS-level username).
Received on 2012-11-30 17:04:25 CET

This is an archived mail posted to the Subversion Dev mailing list.