On Wed, Oct 13, 2010 at 3:42 PM, Shaun Pinney
<shaun.pinney_at_bil.konicaminolta.us> wrote:
>> The usual issue is making sure people outside the project are
>> prevented from reading the code. You might not want people in your
>> project making changes on tags and branches, but there usually isn't a
>> security issue if they see the code on the branches and tags.
>
> Our issue is handling multiple companies doing development on the same
> project. Various restrictions (e.g. licensing) prevent us from sharing
> all project files with everyone involved. It's a tricky use case. We
> also have additional considerations which require us to control project
> read access within a project even within the same company.
So, you have a branch for each company, and that's why you need
specific read permissions on each branch? If that's the case, I can
see why you want to restrict reading privileges on a per-branch basis.
How do you handle branching and tags in that case? Do you branch
branches and tags off the company branches?
You'll have to get LDAP working. Otherwise you'll be spending most of
your time changing the httpd configuration and bouncing the server.
With LDAP, you won't have to touch the httpd configuration. A change
in the LDAP security will immediately be reflected in the Subversion
permissions.
--
David Weintraub
qazwart_at_gmail.com
Received on 2010-10-13 21:53:01 CEST