[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Restricting read access to one file

From: Max Bowsher <maxb_at_ukf.net>
Date: 2005-06-07 18:14:38 CEST

Fredrik Bostrom wrote:
> Thanks for your tips.
>
> I finally got it working by adding another <Location> element after the
> standard <Location /svn> element, like this:
>
> <Location /svn> <!-- old element -->
> DAV svn
> SVNPath /var/svnroot
> AuthType Basic
> AuthName "Subversion Repository"
> AuthUserFile /etc/apache2/dav_svn.passwd
> AuthzSVNAccessFile /etc/apache2/dav_svn.authz
> Satisfy Any
> Require valid-user
> </Location>
>
> <Location ~ "/svn/.*(secret.file)$"> <!-- new element -->
> AuthType Basic
> AuthName "Restricted read access"
> AuthUserFile /etc/apache2/dav_svn.passwd
> AuthzSVNAccessFile /etc/apache2/dav_svn_noread.authz
> Satisfy Any
> Require valid-user
> </Location>

That *might* be safe, but I do not know enough to be sure. It is possible
that a determined attacker with a comprehensive knowledge of WebDAV/DeltaV
might be able to find a way around that.

Max.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Jun 7 18:17:00 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.