On 2/21/06, Ryan Schmidt <subversion-2006Q1@ryandesign.com> wrote:
> On Feb 21, 2006, at 19:43, Jan Hegner wrote:
> > we're currently setting up a Subversion server using Apache2 and
> > authentication to a Windows Server via LDAP.
> > our currently used CVS looks somewhat like:
> > CompanyHead
> > I-libs
> > I I- lib1
> > I I- lib2
> > I ....
> > I- apps
> > I- app1
> > I- app2
> > ......
> > Not all the libs and apps are accessible to every user.
> > The easiest way to set up the subversion would be
> > Trunk
> > I-- same structrure as above
> > Branches
> > Tags
> > Setting the permissions for the directories in trunks is quite easy.
> > But at the time a more priviliged user branches, (from what I
> > understand, copy the trunk into the branches folder) all
> > non-privileged users have access to the full source tree.
> > Is there a way to preserve the file permissions when copying files?
> I think what you're saying is that you will have authz rules set up
> so that parts of trunk are restricted, and that once someone copies
> the trunk to a branch or a tag, anyone would be able to get to the
> files from there, because they are not restricted in the same way. I
> believe the answer therefore is that you need to write your authz
> rules such that they protect the desired lib directories not only in
> trunk but also in any branch or tag, and you need to make privileged
> users aware that if they copy the trunk somewhere outside of branches
> or tags, that anyone would be able to read it, and why that would be
> bad. In other words, Subversion does not, as far as I know, assist
> you with this task in any special way. You must specify what you want
> exactly in the authz rules.
Would it be possible for one to write a post-commit hook script which
picked up on the fact that such a commit had been performed, and
update the authz rules automatically, replicating the
/trunk/path/protected rule to a corresponding copy that refers to
To unsubscribe, e-mail: firstname.lastname@example.org
For additional commands, e-mail: email@example.com
Received on Tue Feb 21 20:18:24 2006