Re: Security features, path based authorization in subversion

From: John Peacock <john.peacock_at_havurah-software.org>
Date: Mon, 25 Aug 2008 09:30:45 -0400

vinay i wrote:
> I even tried the svn+ssh tunnel with path based authorization. This
> worked for me only when the permissions on repository was rw-rw-rw-.
> Depending on the user and path to repos in authz file authorization
> worked either giving access or complaining "authorization failed".
> But when I put the permissions on repository as rw-r---- for users
> other than those belonged to the group the error was *"Permission denied". *
> I can't keep permisisons as rw-rw-rw- because users on the server can
> access the file system directly.

There is no reason to have such permissive rights on the repo. See this
FAQ entry and note for details for how to do this:

http://subversion.tigris.org/faq.html#ssh-svnserve-location
http://svn.collab.net/repos/svn/trunk/notes/ssh-tricks

Under this scheme, the repository is owned by a single user and everyone
needing access simply provides their public key and is added to a common
config file. This is trivially scriptable as well...

HTH

John

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-08-25 15:31:21 CEST

This message: [ Message body ]
Next message: Mike A: "RE: RE: Perforce to Subverson Migration"
Previous message: John Peacock: "Re: Problem with python + hook"
In reply to: vinay i: "Re: Security features, path based authorization in subversion"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]