Pete Gonzalez wrote:
> My focus here is much more immediate; although I may have time to write
> some C code, I want to avoid complicated design discussions. So here's
> my proposal: Instead of worrying about hook scripts, why don't we just
> expand svnserve's authentication model? In other words, we can implement
> for svnserve a small subset of what WebDAV is doing. This should be an
> inexpensive way to extend the old model until a proper ACL mechanism
> is designed. I mean shit, svnserve could probably do this using
> properties. So... how much work would this be? :-)
A lot, if you take into account that we'd have to maintain backward
compatibility for such a scheme (that used repository metadata) for
ages. It might be easier to get svnserve to understand the access
control files used by mod_authz_svn (and not mod_dav_svn, as you seem to
believe -- the DAV module does neither authentication nor
auhtorization), so that both mechanisms could use the same access
control configuration.
I have no idea how much work it would be to do that, but I suspect it
would touch a significant part of our FS library -- effectively
duplicating exactly the same amount of work (and intrusiveness) as
needed for read hooks -- or real ACLs, for that matter.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Jul 29 00:00:51 2004