RE: Somewhat corrupted repository: Berkeley DB Permissions errors on SVN 1.0.2

> The only "clean solution" is to allow a *single* process to own and
> access the database.

Woah! That's the IBM mainframe OS/Digital VMS/WinNT way...
and occasionally the database oriented way.

"Have a single process own the database (or whaever),
and have that process implement it's own access control.
Just so that, once you have fixed all of the bugs in UNIX
access control, you have to go and fix all of the bugs
in every such program that implements its own access control.

(Sorry, I used to work on Gould Secure UNIX (actually, because
I'm Canadian and don't have the right security clearances,
I was never actually part of Secure UNIX. But I used to work
with them all the time.)

The UNIX/AFS/NFS way is to use the OS provided user IDs,
use setuid judiciously, and protect the individual files
appropriately.

Obviously doesn't apply to databases because the OS doesn't
comprehend access control to database rows or cells.

Apache and other web servers have, of necessity, been forced
to adopt the "the application or database does its own
access control independent of the OS" approach, because
the web has no authentication standards worth pissing on.

It's sad. And it's not the right thing.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu May 27 02:52:12 2004