[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Path-based access control seems broken

From: Rush Manbert <rush_at_manbert.com>
Date: Fri, 08 Feb 2008 17:24:20 -0800

I have seen a couple of posts on this subject asking whether you could
use wildcard characters in your authz-db file to generalize the access
rules.

My question is more general than this. Basically, I need to restrict
access to a certain directory subtree within our repository so only one
or two people can access it. (Don't ask why. It's just required.) Let's
say that the top level of the tree is located at
/trunk/project/firmware, just to make things simple. I can easily add
the access restriction for this directory and everything works as I
would expect.

However, being good Subversionists, we follow the recommended practice
and make tags and branches by using svn copy. The problem is that there
will be no access restrictions on the firmware directory tree within the
copies unless we go back to the authz_db file and add them.

I don't want to start a debate about the cost/benefits/badness/goodness
of using access controls. But I wonder if there are other people using
it who agree with me that this behavior seems to be wrong. I would
expect that if I make a copy of an access-restricted directory the
access restrictions will be "sticky" (ooh, that sounded sort of CVS-ish,
didn't it?) and will apply to the copy as well.

Comments?

- Rush

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-02-09 02:24:39 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.