Thanks David.
But my concern is when I use svnserve as a user and set permissions on the
repository, to authenticate other users I will have to store users and
corresponding passwords. This is a security concern. Can't we have a method
where we don't have to store passwords?
Vinay
On Fri, Aug 22, 2008 at 9:17 PM, David Weintraub <qazwart_at_gmail.com> wrote:
> n Fri, Aug 22, 2008 at 3:30 AM, vinay i <vinay.indresh_at_gmail.com> wrote:
> > Hi
> > I tired using svnserve and apache for security features and path based
> > authorization. But when a user has access to the server (login to the
> > server) all these authorization fails. He can access any path within the
> > repository by file:/// access.
>
> Create a NEW user called "svnserve". Create a new group for this user
> and call it "svnserve" too. Then, change all the files in the
> repository to be owned by this user and this user's group with a
> permission of "rw-r--r--" or even better "rw-r-----". Set this
> svnserve's umask to "066". Then run your Subversion server as this
> user. This way, developers can't read and write to the repository
> using the "file:///" access.
>
> The only reason you should be using "file:///" access is if you have a
> private repository, and you don't want to run the server. As soon as
> more than one person needs access the repository, you should setup a
> special subversion server user and give that user exclusive read and
> write access on the repository.
>
> --
> David Weintraub
> qazwart_at_gmail.com
>
Received on 2008-08-25 11:56:09 CEST