Re: mod_authz_svn inheritance broken?

From: Kevin P. Fleming <kpfleming_at_digium.com>
Date: 2005-12-01 18:06:15 CET

David Anderson wrote:

> Logically, the rule for sillyuser would override the group access, even
> if the user is a part of the group. Currently though, a group is given
> the same priority as a user definition, so the user is granted the
> widest possible access (here, 'rw'). I do hope to correct this someday,
> to make the ACLs that more flexible.

That's a good thing to know, thanks for the clarification. It's a
reasonable thing to say that the user gets the maximum set of
permissions allowed by _all_ settings that apply to them in that path;
given that the set of permissions can currently only consist of 'r' and
'w' that's saying a bit much, but it's still true :-)

Now I'm going to have to simplify my access file to get rid of all the
stuff I put in when I thought inheritance worked differently...

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Dec 1 18:27:47 2005

This message: [ Message body ]
Next message: Curt Crandall: "Getting Subversion to run as a service on Windows 2000"
Previous message: Matt England: "Re: How to convert a regular file to a sym link?"
In reply to: David Anderson: "Re: mod_authz_svn inheritance broken?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]