Re: Security features, path based authorization in subversion

n Fri, Aug 22, 2008 at 3:30 AM, vinay i <vinay.indresh_at_gmail.com> wrote:
> Hi
> I tired using svnserve and apache for security features and path based
> authorization. But when a user has access to the server (login to the
> server) all these authorization fails. He can access any path within the
> repository by file:/// access.

Create a NEW user called "svnserve". Create a new group for this user
and call it "svnserve" too. Then, change all the files in the
repository to be owned by this user and this user's group with a
permission of "rw-r--r--" or even better "rw-r-----". Set this
svnserve's umask to "066". Then run your Subversion server as this
user. This way, developers can't read and write to the repository
using the "file:///" access.

The only reason you should be using "file:///" access is if you have a
private repository, and you don't want to run the server. As soon as
more than one person needs access the repository, you should setup a
special subversion server user and give that user exclusive read and
write access on the repository.

--
David Weintraub
qazwart_at_gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org