[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Mirroring permission for mod-authz and svn on cli

From: Andy Levy <andy.levy_at_gmail.com>
Date: Thu, 9 Apr 2009 13:17:04 -0400

On Thu, Apr 9, 2009 at 12:23, Gerard Marcel <men.makaron_at_gmail.com> wrote:
> The developers have access to the server with any ssh client.
>
> Thanks a lot for answering my question.

So deny them access via the standard Linux ACLs and force them to use
https URLs.

> On Thu, Apr 9, 2009 at 12:19 PM, Andy Levy <andy.levy_at_gmail.com> wrote:
>>
>> On Thu, Apr 9, 2009 at 10:35, Gerard Marcel <men.makaron_at_gmail.com> wrote:
>> > Yes, and that is where I am trying to enforce the same file/directory
>> > permissions as on https.  I am not clear on what to use to get that
>> > effect.
>> > I tried the included  commit-access-control.pl, but it did not work.
>>
>> There is no security when using file:///. You can implement a hook
>> script, but nothing will stop users from bypassing it.
>>
>> If you already have Apache working, why do you need file:/// at all?
>>
>> > On Thu, Apr 9, 2009 at 6:30 AM, Andy Levy <andy.levy_at_gmail.com> wrote:
>> >>
>> >> On Thu, Apr 9, 2009 at 00:06, Gerard Marcel <men.makaron_at_gmail.com>
>> >> wrote:
>> >> > I have setup permission in svn using mod_authz from https and that
>> >> > works
>> >> > fine.  Now while on cli I need to have the same permission for users
>> >> > using
>> >> > the svn command.  I tried the commit-access-control.pl, but it does
>> >> > not
>> >> > work
>> >> > at all.  Can someone provide some pointers?
>> >>
>> >> No matter what client you use, if you've implemented security at the
>> >> server end, it'll be enforced.
>> >>
>> >> Do you have people accessing the repository via file:/// as well as
>> >> https?
>> >
>> >
>
>

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1616936

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-04-09 23:36:31 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.