[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Merkle trees in svn [was: Quick question about the sha1-checksum for directories in svn.]

From: Branko Čibej <brane_at_apache.org>
Date: Thu, 5 Oct 2017 19:29:11 +0200

On 05.10.2017 19:12, Daniel Shahaf wrote:
> Branko Čibej wrote on Thu, 05 Oct 2017 18:44 +0200:
>> On 05.10.2017 16:46, Julian Foad wrote:
>>> Calculation of a directory's hash would have to happen for each
>>> directory where the user has mixed access to the immediate children,
>>> and for all parents of such a directory up to the root.
>> And /that/ is the painful part: the fact that you need a depth-first
>> traversal of the tree in order to calculate the hash for the root
>> directory. And the reason why we're not exposing the directory hash,
>> even if the FS stores it.
> What if we only returned a checksum for nodes to which the user had full
> recursive access? E.g., with "[/A/B] *=", the caller would be able to retrieve
> checksums for /A/C, /A/D, /A/mu, and /A's property hash, and for descendants
> of the first two, but that's it.

That would leak permission settings. A user would know that she only
sees a partial directory merely by checking for the presence of the
directory checksum.

-- Brane
Received on 2017-10-05 19:29:23 CEST

This is an archived mail posted to the Subversion Dev mailing list.