Re: [svn-policy] Anonymous read in toplevel but deny read deeper

From: Mark Phippard <markphip_at_gmail.com>
Date: Fri, 1 Oct 2010 08:13:27 -0400

See:

http://blogs.open.collab.net/svn/2007/03/authz_and_anon_.html

On Fri, Oct 1, 2010 at 7:25 AM, Ray Rashif <schivmeister_at_gmail.com> wrote:
> Hi all
>
> I have something like the following:
>
> [groups]
> admin = joe
> contrib = susan, mark
> devs = andy, jane
>
> [/]
> * = r
>
> [/trunk]
> @admin = rw
>
> [/trunk/contrib]
> @contrib = rw
> @devs = rw
>
> [/trunk/dev]
> * =
> @contrib =
> @devs = rw
>
> Unfortunately, authentication does not work, and anyone can read
> '/trunk/dev' and I guess that is due to '* = r' in toplevel.
> Strangely, it works for groups, the only change being:
>
> [/]
> @contrib = r
>
> And nothing for '*' anywhere, that would prevent anyone in the group
> 'contrib' to pull '/trunk/dev' in a full checkout. But this then locks
> out anonymous read-only full checkouts (I can have '* = r' for each
> dir except 'dev'), which I do not want.
>
> Thanks beforehand!
>
>
> --
> GPG/PGP ID: B42DDCAD
>

-- 
Thanks
Mark Phippard
http://markphip.blogspot.com/

Received on 2010-10-01 14:14:06 CEST

This message: [ Message body ]
Next message: Hyrum K. Wright: "Subversion 1.6.13 Released"
Previous message: Ray Rashif: "[svn-policy] Anonymous read in toplevel but deny read deeper"
In reply to: Ray Rashif: "[svn-policy] Anonymous read in toplevel but deny read deeper"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]