[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Case sensitivity in authz files

From: Branko Čibej <brane_at_wandisco.com>
Date: Thu, 25 Apr 2013 14:32:59 +0200

On 25.04.2013 14:28, Julian Foad wrote:
> Philip Martin wrote:
>> Philip Martin <philip.martin_at_wandisco.com> writes:
>>> Julian Foad <julianfoad_at_btopenworld.com> writes:
>>>> So what exactly is broken, behaviour-wise? Is authorization done with
>>>> case-insensitive username checking in the server, and the "svnauthz"
>>>> tool is broken in that it fails to do case-insensitive matching of
>>>> usernames? Or something else?
>>> The tool and the server do the same thing. Switch the lines in this
>>> authz file:
>>>
>>> [/]
>>> pm = rw
>>> PM = r
>>>
>>> to give this:
>>>
>>> [/]
>>> PM = r
>>> pm = rw
>>>
>>> Those two files grant different permissions to usernames pm and PM and
>>> the permissions granted are not "pm=rw" or "PM=r".
>>>
>>> The behaviour can be explained but is it correct?
>> Groups are involved as well:
>>
>> [groups]
>> abcd = pm
>> ABCD = PM
>>
>> [/]
>> @ABCD = r
>> @adcd = rw
>>
>> Care to guess what permissions I get for pm and PM? What if I add a
>> final "@abCD ="?
> No, I don't care to guess.
>
> This issue appears to have been reported against Subversion 1.4.4 here: <http://svn.haxx.se/dev/archive-2007-08/0008.shtml> but not addressed or filed in the issue tracker at that time.
>
> I am only questioning the assignment of a 1.8.0 "release blocker" milestone.

Given that I already have a patch ready to commit on trunk (covering
both authz and groups), and fixed a bug in svn_config_merge to boot, we
may consider the question moot. :)

-- Brane

-- 
Branko Čibej
Director of Subversion | WANdisco | www.wandisco.com
Received on 2013-04-25 14:33:35 CEST

This is an archived mail posted to the Subversion Dev mailing list.