[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Re: Project based authentication

From: Nico Kadel-Garcia <nkadel_at_comcast.net>
Date: 2006-07-25 19:35:50 CEST

Durden, Paul wrote:
> Nico,
> I'm sure what you meant. If you mean AuthzSVN security can only be
> used for HTTP access, then that's only try for versions before 1.3.x.
> Since SVN v1.3.x you can use the same authz file for HTTP and SVN
> repository access. The FILE access is the only one that can't use the
> authz file. This method depends on file system security.
>
> Paul

Well, yes. There are three primary access methods to an SVN repository:

    HTTP/WebDAV, usually via HTTPS
    svnserve, most safely done via svn+ssh
    local file access

I've had considerable difficulty using the same config file for both
svnserve and HTTP: even if it works, it doesn't work properly for local file
access. And when I found that the resolution of control over file access was
so limited, I found that svnperms.py and svnperms.conf worked very well to
allow me to set only the site admin to be able to flush tags, no one to be
able to edit them in place, and anyone to be able to create one.

That helps keep tags from being misused, and provides similar levels of
control for other uses in a way that the read/write permissions of
svnserve.conf cannot support.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Jul 25 19:36:52 2006

This is an archived mail posted to the Subversion Users mailing list.