[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: subversion security, everyone can commit, limited to who can delete

From: <plabonte_at_gmail.com>
Date: 2005-10-14 21:05:38 CEST
Here is a sample of a configuration that works for me.  I added the <Limit...> to show you as a reference.

   <Location /code>
     DAV svn
     SVNParentPath /code_repos
     SVNIndexXSLT /svnindex.xsl
     AuthType Basic
     AuthName "Code Repository"

   #  AuthUserFile /code_repos/users.list
     AuthPAM_Enabled on
     require valid-user
     AuthzSVNAccessFile /code_repos/access.list
     <Limit DELETE>
       require user username1 username2
     </Limit>
   </Location>

This will require that there be a valid user to do anything in the repository.  However, the only people allowed to delete anything will be username1 and username2.  The read and write access to the repository is controlled within the SVN (mod_authz_svn) module itself, and I use the AuthzSVNAccessFile to set those permissions.

Regards,
Frank

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org


I tried you example above. And it will not allow anyone without delete rights to commit a file. This is because each commit needs to delete a tmp file... so it appears it is not possible to prevent people that have commit rights from getting delete rights.
Unless you can find a way.


--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org For additional commands, e-mail: users-help@subversion.tigris.org Received on Fri Oct 14 21:07:26 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.