Emin.shopper Martinian.shopper wrote:
> Is this issue considered a bug or a mis-feature? Are there any plans
> to fix it? I know that Subversion prides itself on cheap copies which
> can be used as tags, but it seems like this way of doing things makes
> tags basically useless to those without full permissions on the tree.
I don't think it is either a bug or a misfeature, merely an outgrowth of
the existing path-based security model. Yes, it requires full
permissions to create a tag of folders containing potentially sensitive
or otherwise restricted folders. But even in that case, an additional
stanza would have to be added to the security to maintain that
restriction in the tag's tree.
I believe the vast majority of projects where specific folders are
restricted do so at the project level, so that the restrictions are
inherited from above by trunk/branches/tags for each project. Either a
user has full access to all of a project, or doesn't have access at all.
Trying to limit access within a project is not a typical use-case,
because of the difficulties you've stumbled over.
There has been some discussion in the past, but no firm designs, of
possibly adding an inherited property model to the repository. This
would permit fine-grained folder and file security, much like in a
filesystem (by maintaining the security in the repository itself). But
there are more edge-cases than you can imagine with such a system, so
the discussion hasn't proceeded anywhere near a design document that
could be used to implement it.
John
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-06-25 15:17:25 CEST