[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Making file immutable in working copy

From: David Weintraub <qazwart_at_gmail.com>
Date: Sat, 27 Sep 2008 23:03:33 -0400

So, you want to prevent someone, on a system they control, not to be
able to modify files?

The only solution would be to take control away from the user. It
wouldn't be a Subversion solution, but an OS solution. For example,
change the directory and file ownerships and remove write permissions.

Of course, if this sits in a particular user's directory, they can
remove the directory and destroy the files. There is no way you can
put files under someone's control, but prevent them from being

Your best solution would be to keep the repository safe. Don't allow
file access, only svnserve or httpd access, and keep the repository on
a system no one has access to.

By the way, how do you mean that the repository was compromised?

David Weintraub
On Thu, Sep 25, 2008 at 4:04 PM, Lasse Kliemann
<lasse-subversion-users-2004_at_plastictree.net> wrote:
> Hello David,
> thanks for the response. I am afraid, however, these solutions
> all work server-side. I needed a client-side method, since in the
> scenario that I assumed, the server has been compromised.
> * Message by -David Weintraub- from Thu 2008-09-25:
>> There are a whole slew of pre-commit hooks that can do just this. In
>> fact, this is probably the most popular request for a hook.
>> The most common one is written in Python, and there's an older Perl
>> version that isn't quite as flexible as the Python version, but will
>> do exactly what you want.
>> Both hooks will allow you to lock a specific file, specific directory,
>> or specify a group of files via a regular expression. You can specify
>> that no one can touch a file/directory or that only certain people
>> can.
>> That way, you can have two people work on one project, but not allow
>> other people in your group to touch a project, or you can freeze a
>> project, so people can check it out, but not modify it.
>> Take a look at <http://subversion.tigris.org/tools_contrib.html#hook_scripts>
>> The two you're looking at are:
>> commit-access-control.pl (and commit-access-control.cfg.examples)
>> enforcer (and enforcer.conf) -- this is in Python
>> --
>> David Weintraub
>> qazwart_at_gmail.com
>> On Thu, Sep 25, 2008 at 3:13 PM, Lasse Kliemann
>> <lasse-subversion-users-2004_at_plastictree.net> wrote:
>> > How do I make a versioned file in a working copy immutable, i.e.,
>> > prevent it from being changed (especially from being deleted) by
>> > subsequent 'svn up' operations?
>> >
>> > Removing the write permissions in the file system is not
>> > sufficient. One could use 'chattr +i ...', but that involves
>> > superuser privileges (or special capability settings). There must
>> > be a simpler way.
>> >
>> > Rationale: I know that one can always get an old version of the
>> > file from the repository. However, I am concerned with the case
>> > when the server holding the repository is compromised. Yes, then
>> > I play in a backup. However, my users want to be as independent
>> > as possible from any centralized solution; they want to rely on
>> > certain files never changing in their working copies, at least
>> > not without their explicit consent.
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-09-28 05:03:54 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.