[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: access svn securely from the internet via sasl or ssh

From: Bob Archer <Bob.Archer_at_amsi.com>
Date: Fri, 19 Dec 2008 13:02:37 -0500

Understood... but I am going by what the OP email said. And I may
misunderstand what he means. But... from what I gather...

He wants the user to have rw access to the repository via the svn client
but does NOT want him to have rw file system access to the repository
folder.

BOb

> -----Original Message-----
> From: Paul Koning [mailto:Paul_Koning_at_dell.com]
> Sent: Friday, December 19, 2008 12:58 PM
> To: Bob Archer
> Cc: bobdole1_at_web.de; users_at_subversion.tigris.org
> Subject: RE: access svn securely from the internet via sasl or ssh
>
> >>>>> "Bob" == Bob Archer <Bob.Archer_at_amsi.com> writes:
>
> Bob> From the svn bool. " When running over a tunnel, authorization
> Bob> is primarily controlled by operating system permissions to the
> Bob> repository's database files; it's very much the same as if Harry
> Bob> were accessing the repository directly via a file:// URL."
>
> Ok.
>
> Bob> That says to me that the *nix user that is logged in needs rw
> Bob> access to the repository files in order to access the
> Bob> repository.
>
> That doesn't follow. The access is done by the svnserve daemon, using
> the credentials of the server-side username that SSH connected to. If
> that user has read-only access to the repository -- easy to do by
> setting the uid/gid appropriately -- then that should give you
> read-only access to the data.
>
> paul
>

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=987678

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2008-12-19 19:03:25 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.