[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Security

From: Stefan Hett <stefan_at_egosoft.com>
Date: Thu, 2 Jun 2016 12:49:57 +0200

Hi Michael,
> Hello Team,
> First I want to thank you for all the time and effort you have put
> into the TortoiseSVN online guide. I am new to SVN and this guide has
> been very helpful.
> I had a couple of questions about the security features of this software.
> Is there a way we can prevent users from doing the following:
> -Add, delete or modify anything straight in the repository without
> checking out a working copy?
Not directly, as far as I'm aware. I assume that you want to achieve
that the proper log template structure is used. If so, that can be done
by adding a precommit-hook (see SVN book [1]) and reject any commits,
which do not meet the template requirements you set up.

> -Add, delete or modify properties or hook scripts?
See pre-revprop hook [2]
To prevent modification of hook scripts, you would set up appropriate
file permissions on the server, or am I getting the question wrong?
> Also, some of the properties are only effective if the user is working
> straight in the repository. If a user checks out a working copy and
> modifies it, those properties are not effective at the time of
> committing the changes. For example, when I set the
> tsvn:logtemplatedelete property on a directory, the template only
> shows up in the commit dialog box if a user deletes a file straight
> from the repository. But if the user checks out a working copy,
> deletes a file and then commits the changes, then the delete template
> that I set does not appear in the commit dialog box. Is there a way we
> can set those properties to be triggered even if the change is being
> made in a working copy?
> Some of these properties are:
> §tsvn:logtemplatedelete
> §tsvn:logtemplatemove
> §tsvn:logtemplatemkdir
> §tsvn:logtemplatebranch
> §tsvn:logtemplatepropset
These are client side properties only (specific to the TSVN client). You
can't enforce these on the server side. What you could do though is to
ensure that any commit/change log on the server side meets the format
you define here. See pre-commit hooks [1].

[1] http://svnbook.red-bean.com/en/1.8/svn.ref.reposhooks.pre-commit.html

Stefan Hett
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2016-06-02 12:50:12 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.