[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: 'file:' access according to AuthzSVNAccessFile

From: Andy Levy <andy.levy_at_gmail.com>
Date: 2006-03-15 14:28:52 CET

On 3/15/06, Steven Simpson <ss@domain.invalid> wrote:
> I have some Subversion repositories on Linux accessed through https,
> controlled by an AuthzSVNAccessFile svn-access.conf, with Apache doing
> the authentication. The web interface is XML+XSLT->HTML, so on a
> particular directory, I can add extra utility links based on whichever
> SVN directory is being accessed.
>
> I'd like to add a link that produces a .tgz of the displayed directory
> it has been suggested that this might be useful for people who are a
> bit, um, scared of Subversion, but nevertheless have read access to the
> repository.
>
> The script would just do an 'svn export' and a 'tar'. But I can't see
> an easy way of getting the export call to check that the user (already
> authenticated as $REMOTE_USER) has permissions for the directory, or
> correspondingly to avoid checking out unreadable subdirectories. A
> command like this would be ideal:
>
> svn export --username $REMOTE_USER --authz svn-access.conf file:///...
>
> Is there some straight-forward equivalent of this? If not, is it a
> feature worth requesting?

There is, to my knowledge, no access control when using file:// - it's
all or nothing, if the user executing the command has filesystem
permissions to access the Subversion repository files, they can get
anything/everything in the repository. Access controls are done by
the svn servers (whether the Apache2 module or svnserve), and when you
use file:// you use no server.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Mar 15 14:30:51 2006

This is an archived mail posted to the Subversion Users mailing list.