On Feb 21, 2006, at 19:43, Jan Hegner wrote:
> we're currently setting up a Subversion server using Apache2 and
> authentication to a Windows Server via LDAP.
>
> our currently used CVS looks somewhat like:
>
> CompanyHead
> I-libs
> I I- lib1
> I I- lib2
> I ....
> I- apps
> I- app1
> I- app2
> ......
>
>
> Not all the libs and apps are accessible to every user.
>
> The easiest way to set up the subversion would be
>
> Trunk
> I-- same structrure as above
> Branches
> Tags
>
> Setting the permissions for the directories in trunks is quite easy.
> But at the time a more priviliged user branches, (from what I
> understand, copy the trunk into the branches folder) all
> non-privileged users have access to the full source tree.
>
> Is there a way to preserve the file permissions when copying files?
I think what you're saying is that you will have authz rules set up
so that parts of trunk are restricted, and that once someone copies
the trunk to a branch or a tag, anyone would be able to get to the
files from there, because they are not restricted in the same way. I
believe the answer therefore is that you need to write your authz
rules such that they protect the desired lib directories not only in
trunk but also in any branch or tag, and you need to make privileged
users aware that if they copy the trunk somewhere outside of branches
or tags, that anyone would be able to read it, and why that would be
bad. In other words, Subversion does not, as far as I know, assist
you with this task in any special way. You must specify what you want
exactly in the authz rules.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Feb 21 20:07:39 2006