Re: path-based access control questions

From: Shaun Johnson <shaun.johnson_at_gmail.com>
Date: 2007-02-15 19:56:45 CET

> 2) The svnbook refers to performance implications, stating ominously:
> "in certain situations, there's very noticeable performance loss".
> Can anyone elaborate? Is this specific to http vs svn access? does it
> linearly track # of paths specified? what ops, etc?

We use authz rules extensively with our repositories and throughput
using HTTP is excellent. All of our rules are based on groups
permissions.

> Unfortunately, I need to restrict read access (contractual requirement
> to licensed source). It looks like svnperms.py is a pre-commit check
> so can only catch write accesses.

What exactly do you mean by "restrict read access"? If you are trying
to prevent anonymous and authenticated users from even reading the
files then set "* = " at the root of the repository and explicitly
grant developers write access.

e.g.

[groups]
developers = mike, bob

[repos:/]
* =
@developers = rw

If want you want is to allow anonymous and authenticated users to have
read access to the files then set * = r.

e.g.

[groups]
developers = mike, bob

[repos:/]
* = r
@developers = rw

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Feb 15 19:57:34 2007

This message: [ Message body ]
Next message: Phillip Susi: "Re: Branch causes missing revs and errors merging"
Previous message: Tim Noell: "More Info on Re: svn operations on a dir node show files in it, but operations explicitly on files fail"
In reply to: Kylo Ginsberg: "Re: path-based access control questions"
Next in thread: Kylo Ginsberg: "Re: path-based access control questions"
Reply: Kylo Ginsberg: "Re: path-based access control questions"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]