[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Logging of subrequest authorization checks in mod_dav_svn/mod_authz_svn

From: Branko Čibej <brane_at_wandisco.com>
Date: Tue, 20 Jan 2015 12:15:37 +0100

On 19.01.2015 18:10, Ivan Zhakov wrote:
> I've implemented proposed behavior in r1653032.
>
> On 18 January 2015 at 06:48, Daniel Shahaf <d.s_at_daniel.shahaf.name> wrote:
>> It would be nice if the the logged message should be different in that
>> case, too. That is: there should be some indication, besides the
>> different log level, that the subrequest-generated log event is
>> "normal".
>>
>> That is, we don't want this:
>>
>> [debug] Access denied: /private
>> [error] Access denied: /private
>>
>> But this:
>>
>> [debug] Hiding directory '/private' (Access denied)
>> [error] Access denied: /private
>>
>> (Or some other log level instead of "debug" — I haven't thought about
>> what log level would be appropriate.)
> I agree that different log message would be nice to have, but there is
> an issue: in mod_authz_svn we're not 100% sure that path will be
> hidden. mod_authz_svn just answer the question whether access allowed
> or not, but it doesn't know how this information will be used latter
> at mod_dav_svn layer. May be different wording may fix this issue
> though.

I'm confused: when/why would mod_dav_svn ignore the result of an authz
check?

-- Brane
Received on 2015-01-20 12:16:16 CET

This is an archived mail posted to the Subversion Dev mailing list.