[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] Re: Ancestor directory permissions in authz

From: Branko ─îibej <brane_at_wandisco.com>
Date: Thu, 11 Dec 2014 17:14:33 +0100

On 11.12.2014 14:37, Hannes Reich wrote:
> Thanks for the encouragement and background information.
>
> I've attached the patch, which I would describe as a workaround for
> the underlying issue the authz-overhaul branch is addressing.
>
> Since the patch lacks authz-overhaul's concept of "list access", the
> "ancestor" permission has some side-effects:
>
> - Users can learn of the existence of the siblings of all ancestors of
> paths to which they have access (by poking around in .svn/wc.db). This
> is suboptimal but acceptable for my use case.
>
> - Users can access the properties of all ancestors of paths to which
> they have access. Perhaps this can be construed as a feature since it
> enables access to svn:mergeinfo, though I haven't explored how well
> merges as a restricted user work in practice.

I have to admit I'm having a bit of trouble understanding what the patch
is supposed to do. Can you please explain, with examples, what you're
trying to achieve?

FWIW, I've been looking at adding directory traversal permission to
authz: this permission means you're allowed to know about the existence
of a path, but not its contents (i.e, know that a directory exists, and
even lookup specific children by name, but not read the directory
contents). I suspect what you're trying to do is a fairly incomplete
subset of that.

There's also ^/subversion/branches/authzperf, which implements wildcard
support for authz files (among other performance improvements). I
suspect that this would cover many of your use cases.

-- Brane
Received on 2014-12-11 17:15:07 CET

This is an archived mail posted to the Subversion Dev mailing list.