
svnserve authz permissions problem

From: Fyodor <fyodor_at_insecure.org>
Date: 2006-12-23 23:28:22 CET

I have encountered what seems to be a bug in the svnserve directory
authorization (authz) system. It has been reported on this mailing
list before over the last year (example: [1]), but I wasn't able to
find a corresponding issue tracker entry, and the problem still seems
to exist in 1.4.2 (I upgraded both the server and my client).

To demonstrate the problem, here is a sample authz file:

fyodor = rw
* =

The corresponding svnserve.conf includes:
anon-access = read
auth-access = write

Given this configuration, 'fyodor' should be able to and can list the
/nmap directory:

flog> svn ls svn://svn.insecure.org/nmap

But when I try to check out '/nmap' as 'fyodor', I get:

flog>svn co svn://svn.insecure.org/nmap/
svn: Not authorized to open root of edit operation

That is strange, since fyodor is supposed to have 'rw' on [/]. Also,
fyodor can individually read the files with commands like "svn cat
svn://svn.insecure.org/nmap/CHANGELOG". It is just the 'co' command
which is refusing access for some reason.

Specifying the username 'fyodor' explicitly on the checkout line doesn't help:

flog> svn co --username fyodor svn://svn.insecure.org/nmap/
svn: Not authorized to open root of edit operation

Yet the following two workarounds do "fix" the problem:

1) If I change "anon-access = read" to "anon-access = none" in
   svnserve.conf, suddenly user fyodor can check out the directory. But
   this is no good, since I want to give anonymous users access to some
   directories, while keeping others private for certain authorized

2) If I change "* =" to "* = r", giving anonymous (and other
   non-Fyodor) users read access to the whole repository by default,
   fyodor can check out the directory, even if the directory entry
   itself blocks anonymous users (while granting fyodor explicit
   permission). But this is undesirable, since it then means we have
   to remember to explicitly block anonymous users from all private
   directories. It is much more secure to deny by default, and
   explicitly add access where needed.

It seems like svnserve (or maybe the client) is treating my access as
anonymous rather than noting fyodor's access rights to /nmap/. Do you
agree that this is a bug? Have any ideas for fixing it?

Don't use svn.insecure.org to test this problem, since I just
reconfigured it briefly for these tests. Now I'm returning the old
configuration so other developers can access it again.


[1] http://svn.haxx.se/users/archive-2006-02/0924.shtml

Received on Sat Dec 23 23:29:04 2006

This is an archived mail posted to the Subversion Users mailing list.
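
The deny-by-default argument in workaround 2 above, as an added example that is not part of the original post and is not Subversion's code: it audits which paths an anonymous user can read when the root rule is `* =` versus `* = r`. The lookup is a simplified model and an assumption of this example (nearest section with a matching rule decides, grants within one section combine, no groups); the `/private` and `/internal-notes` paths and the authz text are constructed.

```python
# Simplified model of path-based authz lookup (assumption of this example):
# walk from the path up to "/", and the first section holding a rule for the
# user or for "*" decides. Groups and repository-prefixed sections are ignored.

def parse_authz(text):
    rules, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            rules[section] = {}
        elif "=" in line and section is not None:
            who, _, perm = line.partition("=")
            rules[section][who.strip()] = perm.strip()
    return rules

def access(rules, user, path):
    """Return 'rw', 'r' or '' for user (None = anonymous) on path."""
    path = "/" + path.strip("/")
    while True:
        sec = rules.get(path, {})
        matches = [sec[k] for k in (user, "*") if k in sec]
        if matches:
            return max(matches, key=len)  # model: widest grant in the section
        if path == "/":
            return ""  # no rule anywhere: denied
        path = path.rsplit("/", 1)[0] or "/"

# Constructed authz text; {root} is the default rule for everyone at [/].
TEMPLATE = """
[/]
* = {root}
[/nmap]
* = r
[/private]
fyodor = rw
* =
"""
# "/internal-notes" has no section of its own: the forgotten private directory.
PATHS = ["/nmap", "/private", "/internal-notes"]

def anon_readable(root_rule):
    rules = parse_authz(TEMPLATE.format(root=root_rule))
    return [p for p in PATHS if "r" in access(rules, None, p)]

if __name__ == "__main__":
    print("root '* ='   :", anon_readable(""))
    print("root '* = r' :", anon_readable("r"))
```
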