Eric S. Raymond wrote on Fri, Nov 30, 2012 at 10:17:39 -0500:
> Ben Reser <ben_at_reser.org>:
> > Precisely. I was under the impression that he wanted something that
> > was user controlled and had nothing to do with the authentication to
> > display as the author.
>
> Maybe I'm confused. Or perhaps we're using "authentication" in
> different senses on different levels. I think there's a question I
> should have asked sooner...
>
> Normally, access to the Subversion repositories I use is actually authenticated
> via an ssh key used for login to the server host. I'm not sure in what sense
> the username field actually contributes any security-relevant information
> in a setup like that. Does it?
It does yes, if the server has ForceCommand='svnserve -t' configured
in sshd, then path-based authz and/or "anon-access=none" can be
meaningfully set up --- and these key off of the svn-level authenticated
username (as opposed to the OS-level username).
Received on 2012-11-30 17:04:25 CET