Ben Collins-Sussman <sussman@collab.net> wrote on 01/12/2005 10:40:50 AM:
>
> On Jan 12, 2005, at 9:13 AM, Mark Phippard wrote:
> >>>
> >>
> >> That switch turns off all security checks in mod_dav_svn. Which
means
> >> that mod_authz_svn is rendered completely nonfunctional and useless.
> >
> > I do not think that is true at all.
>
> Well, I wrote the feature, so I might know better. :-)
>
> But you're right, I've oversimplified. See below.
I know, we had this same conversation a while back. I couldn't state the
"true" answer as well as you just did. I mainly wanted to remind you that
it is not as bad as you had painted it so that you would elaborate again.
I think you still get a pretty decent amount of authority checking with
this switch specified. Ideally, this could all get documented with some
examples. I would think, as an example, if you didn't try to mix in
private code deep in a folder hierarchy you could get pretty good
protection while still having good performance.
In my case, I have a repository with a lot of Projects at the top level. I
only want to enforce access at that level and this still works very well
for that. If someone did do a commit that had files from multiple
projects I would not care if someone only authorized to one of those
projects could see that info in svn log. I just do not want them to
checkout or commit to the project.
Thanks
Mark
_____________________________________________________________________________
Scanned for SoftLanding Systems, Inc. by IBM Email Security Management Services powered by MessageLabs.
_____________________________________________________________________________
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Jan 12 17:06:01 2005