[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Case sensitivity in authz files

From: Julian Foad <julianfoad_at_btopenworld.com>
Date: Thu, 25 Apr 2013 13:28:00 +0100 (BST)

Philip Martin wrote:
> Philip Martin <philip.martin_at_wandisco.com> writes:
>> Julian Foad <julianfoad_at_btopenworld.com> writes:
>>> So what exactly is broken, behaviour-wise?  Is authorization done with
>>> case-insensitive username checking in the server, and the "svnauthz"
>>> tool is broken in that it fails to do case-insensitive matching of
>>> usernames?  Or something else?
>>
>> The tool and the server do the same thing.  Switch the lines in this
>> authz file:
>>
>>   [/]
>>   pm = rw
>>   PM = r
>>
>> to give this:
>>
>>   [/]
>>   PM = r
>>   pm = rw
>>
>> Those two files grant different permissions to usernames pm and PM and
>> the permissions granted are not "pm=rw" or "PM=r".
>>
>> The behaviour can be explained but is it correct?
>
> Groups are involved as well:
>
>   [groups]
>   abcd = pm
>   ABCD = PM
>
>   [/]
>   @ABCD = r
>   @adcd = rw
>
> Care to guess what permissions I get for pm and PM?  What if I add a
> final "@abCD ="?

No, I don't care to guess.

This issue appears to have been reported against Subversion 1.4.4 here: <http://svn.haxx.se/dev/archive-2007-08/0008.shtml> but not addressed or filed in the issue tracker at that time.

I am only questioning the assignment of a 1.8.0 "release blocker" milestone.

- Julian
Received on 2013-04-25 14:28:57 CEST

This is an archived mail posted to the Subversion Dev mailing list.