[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: mod_authz_svn inheritance broken?

From: Kevin P. Fleming <kpfleming_at_digium.com>
Date: 2005-12-01 18:06:15 CET

David Anderson wrote:

> Logically, the rule for sillyuser would override the group access, even
> if the user is a part of the group. Currently though, a group is given
> the same priority as a user definition, so the user is granted the
> widest possible access (here, 'rw'). I do hope to correct this someday,
> to make the ACLs that more flexible.

That's a good thing to know, thanks for the clarification. It's a
reasonable thing to say that the user gets the maximum set of
permissions allowed by _all_ settings that apply to them in that path;
given that the set of permissions can currently only consist of 'r' and
'w' that's saying a bit much, but it's still true :-)

Now I'm going to have to simplify my access file to get rid of all the
stuff I put in when I thought inheritance worked differently...

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Dec 1 18:27:47 2005

This is an archived mail posted to the Subversion Users mailing list.