Re: Restricting Access to a Local Subversion Repository

From: Ryan Schmidt <subversion-2006q2_at_ryandesign.com>
Date: 2006-05-05 15:30:22 CEST

On May 5, 2006, at 02:46, Andy Levy wrote:

>> I am setting up a local FSFS subversion repository
>> that multiple users will be accessing via the file://
>> url.
>>
>> Under this scheme, how can I restrict access of
>> certain branches of the repository to certain users?
>
> Only via a pre-commit hook script.
>
> The file:// access offers no security options comparable to what you
> can do with svnserve or apache. Check out svnperms.py - but be aware
> that if users have filesystem access to the location that stores this
> script and its config file, you're insecure anyway.

Users require filesystem access to the repository files to use the
file:// protocol. Therefore, even if svnperms.py or similar were
installed, any user could copy the entire repository elsewhere,
remove the script in their local copy, and access anything.

If you need access restrictions, do not use the file:// protocol. It
is intended for a single developer, or for testing purposes.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri May 5 15:32:42 2006

This message: [ Message body ]
Next message: Eric Hoch: "Re: Error: Cannot replace a directory from within after a move."
Previous message: Eric Hoch: "Re: Error: Cannot replace a directory from within after a move."
In reply to: Andy Levy: "Re: Restricting Access to a Local Subversion Repository"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]