[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Security features, path based authorization in subversion

From: Ryan Schmidt <subversion-2008c_at_ryandesign.com>
Date: Fri, 22 Aug 2008 03:59:36 -0500

On Aug 22, 2008, at 03:52, vinay i wrote:

> On Fri, Aug 22, 2008 at 2:11 PM, Ryan Schmidt wrote:
>
>> So it sounds like the repository files are writable by any user. I
>> would recommend changing that so only a single user, "svn", is
>> allowed to read and write the repository files. Then, start up
>> svnserve and require all your users to access the repository using
>> svnserve, even if they're accessing it from the same machine. You
>> can have any access restrictions you want, and you remove the risk
>> of users accidentally (or intentionally) damaging the repository.
>
>
> Ryan I did try this out though I didn't create a sinlge user. But I
> started svnserve and setup access control for users in the Autz
> file. When users used svn+ssh everythign seemed to work fine, but
> when they use file:/// no access restrictions worked.

That is correct. There are not and can't really be any access
restrictions for file:/// access to a repository.

> If I create a sinlge user svn how will it help the cause? Do you
> mean to say set permissions on the repository directly to only
> single user, svn. Then allow others to access the repository
> through svnserve?

Yes, that's what I mean.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-08-22 11:00:02 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.