"Andrew Goodnough" <Andrew.Goodnough@wicourts.gov> wrote on 03/02/2006
10:21:43 AM:
> Thanks, setting 'SVNPathAuthz off' fixed it. We were planning to
> configure AuthZ later to define a tighter access policy but if this
> performance penalty exists we'll have to think again. It seems this is
> the nature of the beast, rather than a bug.
Depending on how concerned you are about security, you can still use AuthZ
and get good security even with this setting. Let's say there was a
commit of stuff (by someone else) in multiple projects, some of which you
do not have authority to via the AuthZ settings. Without this setting, if
you ran svn log, it would omit from the log the files that were changed in
projects you are not authorized to. With this setting, that extra
checking is not performed and svn log would show you that those files were
changed. Personally, this does not concern me.
However, with this setting, you still cannot directly access the stuff you
are not authorized to access, such as commit or checkout. So it is not
that bad to have this setting in effect.
Mark
_____________________________________________________________________________
Scanned for SoftLanding Systems, Inc. and SoftLanding Europe Plc by IBM Email Security Management Services powered by MessageLabs.
_____________________________________________________________________________
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Mar 2 16:39:20 2006