[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Absolutely minimal file permissions for Subverison repository with Apache/DAV?

From: Ryan Schmidt <subversion-2008c_at_ryandesign.com>
Date: Tue, 12 Aug 2008 01:43:11 -0500

On Aug 11, 2008, at 09:59, Toby Thain wrote:

> On 11-Aug-08, at 5:54 AM, david.x.grierson_at_jpmorgan.com wrote:
>
>> The reason for the 2755 permission setting in the example on that
>> page is
>> to set the "setgid" bit on the directory.
>>
>> From the Solaris man page for chmod (which has a much better
>> explanation
>> of octal codes than the Linux man pages):
>>
>>> 20#0 Set group ID on execution if # is 7, 5, 3, or 1.
>>> Enable mandatory locking if # is 6, 4, 2, or 0.
>>
>> For directories, files are created with BSD semantics for
>> propagation
>> of the group ID. With this option, files and subdirectories
>> created in
>> the directory inherit the group ID of the directory, rather
>> than of the
>> current process. It may be cleared only by using symbolic mode.
>>
>> This will mean that all objects will be created with www-data group
>> ownership
>
> This is only relevant if processes *other* than the web server are
> also operating on the repo, surely? (Unusual except for maintenance?)

Not unusual if you are supporting multiple repository access methods:

http://svnbook.red-bean.com/en/1.4/svn.serverconfig.multimethod.html

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-08-12 08:43:44 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.