"David W. Wilson" <wilson.d@anseri.com> writes:
> Many IT people today have greatness thrust upon them, and I have just
> implemented a Collabnet SVN Server quick, fast and in a hurry with a
> modicum of IT knowledge. I count myself fortunate to have found CSS,
> as it allowed me to quickly set up a the server meeting security
> guidelines with a minimum of developer disruption.
>
> My task would have been easier if:
The SVN Guide's task would be easier if...
> - The SVN guide showed me how to implement global SVN+Apache server
> security, not just SVN repository security.
...you could submit a patch to improve the documentation for this. (I
assume you're talking about svnbook.red-bean.com, and if so, the
mailing list for such patches is svnbook-dev{_AT_}red-bean.com.) :-)
> - The SVN guide warned TortoiseSVN+mod_authz_svn users to grant read
> all users read access to the SVN repository root. It seems that at
> least one TSVN feature (the revision graph) requires access to the SVN
> verbose log, and if the user does not have read access to the root,
> they cannot read the log and the revision graph fails (even if they
> have read access for the file they are graphing). The only way around
> this problem seems to be to grant all users read access in the root,
> and to restrict access as necessary in immediate subdirectories of the
> root. This compromise restores TSVN revision graphing at the cost of
> unprotecting files in the SVN root. Unless and until this issue is
> addressed, users need to know how to configure the SVN access file to
> work around it. I can provide some assistance here.
Likewise (thanks for the willingness to help, indicated by the last
line above!).
> - The SVN guide contained some information about obtaining a
> compatible mod_auth_sspi module and configuring Win32 domain
> authentication, including an access file example. Maybe (dare I hope)
> mod_auth_sspi.o could even ship with SVN or CSS (Microphobia
> notwithstanding, a lot of us have no choice but to work with Windows).
>
> If the SVN guide does include this information, don?t kill me too
> hard.
If you didn't see the information, it's probably not there. One way
things get done around here is that someone encounters a lack, and
then sends in a patch to fix it :-). Obviously, no big deal if you
don't have time to do so, but any help you can give would be welcome.
Best,
-Karl
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Sep 19 18:15:29 2007