[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Defect restricting access in authz.txt?

From: <david.x.grierson_at_jpmorgan.com>
Date: 2007-08-30 11:43:18 CEST

We have the following config in our authz.txt file (names/paths obviously
changed):

[repo:/trunk]
@users=rw
@priv_users=rw

[repo:/trunk/src]
@priv_users=rw
*=

If the top level /trunk directory is checked out then all of the objects
*other* than src are checked out. If /trunk/src is specifically checked
out then an error is received giving a PROPFIND failed. This applies to
*all* users - including those in the @priv_users group.

On the other-hand if a web-browser is opened at /trunk/src then this is
visible to users who are members of priv_user. This means that essentially
read-only access has been granted to the browser as opposed to read/write
- in which case why can't I checkout the objects?

I would have thought that either:

a) The "*=" should over-ride the more specific access control of
"@priv_users=rw" in which case no access should be available to any users.

or

b) The "@priv_users=rw" is more specific to a particular user therefore it
should override the generic "*=" statement.

The inconsistency between browser access and svn client access suggests
that this is a defect.

Can anyone suggest a reasonable workaround to restrict any access to a
sub-directory to specific group of users and denying access to all others?

Regards,

David.

--
David Grierson
JPMorgan - IB Architecture - Source Code Management Consultant
GDP 228-5574 / DDI +44 141 228 5574 / Email david.x.grierson@jpmorgan.com
Alhambra House 6th floor, 45 Waterloo Street, Glasgow G2 6HS
 
This communication is for informational purposes only. It is not
intended as an offer or solicitation for the purchase or sale of
any financial instrument or as an official confirmation of any
transaction. All market prices, data and other information are not
warranted as to completeness or accuracy and are subject to change
without notice. Any comments or statements made herein do not
necessarily reflect those of JPMorgan Chase & Co., its subsidiaries
and affiliates. This transmission may contain information that is
privileged, confidential, legally privileged, and/or exempt from
disclosure under applicable law. If you are not the intended
recipient, you are hereby notified that any disclosure, copying,
distribution, or use of the information contained herein (including
any reliance thereon) is STRICTLY PROHIBITED. Although this
transmission and any attachments are believed to be free of any
virus or other defect that might affect any computer system into
which it is received and opened, it is the responsibility of the
recipient to ensure that it is virus free and no responsibility is
accepted by JPMorgan Chase & Co., its subsidiaries and affiliates,
as applicable, for any loss or damage arising in any way from its
use. If you received this transmission in error, please immediately
contact the sender and destroy the material in its entirety,
whether in electronic or hard copy format. Thank you. 
Please refer to http://www.jpmorgan.com/pages/disclosures for
disclosures relating to UK legal entities.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Aug 30 11:48:52 2007

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.