Re: FSFS and Security

From: Ulrich Eckhardt <eckhardt_at_satorlaser.com>
Date: 2004-11-30 15:34:25 CET

Charles Medcoff wrote:
> My preference is to serve up
> a repository either via svnserve or directly via the file system
> (file:///path_to_repos). I am aware than svnserve supports authentication.
> Is there anyway to provide read/write access protection via the direct
> access (file:///path_to_repos)?

Access to the repository, even just for reading, needs write access to the
underlying files (I know this is true for BDB and I'm sure it is also true
for FSFS because of file locking).

svnserve or apache sit on top of this (and the process therefore needs full
access) and selectively provide access with enforced authentication.

Using file:// access, you cannot enforce authentication. The frontend does
support logging changes with the username, but no authentication because
there is no way to enforce it if the user needs full access to the underlying
files anyway.

Totally off topic: does anyone know if there are any (plans for) SUID
libraries on any system?

Uli

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Nov 30 15:36:51 2004

This message: [ Message body ]
Next message: Scott Palmer: "Re: Timestamp Issues"
Previous message: Ben Collins-Sussman: "Re: FSFS and Security"
In reply to: Charles Medcoff: "Re: FSFS and Security"
Next in thread: Eric Gillespie: "Re: FSFS and Security"
Reply: Eric Gillespie: "Re: FSFS and Security"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]