[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: An access permissions problem

From: David Aldrich <David.Aldrich_at_EU.NEC.COM>
Date: Tue, 21 Dec 2010 15:59:49 +0000

Hi David

Thanks for your help. Yes, the branches, tags, and trunk directories are at the
root. In your suggestion, I am worried that a developer might create a branch containing ConfidentialFolder in /branches rather than in /branches/ConfidentialBranches, by mistake. Do you agree that is a problem?

David

-----Original Message-----
From: David Weintraub [mailto:qazwart_at_gmail.com]
Sent: 21 December 2010 15:40
To: David Aldrich
Cc: users_at_subversion.apache.org
Subject: Re: An access permissions problem

It looks like the, branches, tags, and trunk directories are at the
root of your repository. What if you create the confidential branches
under their own folder under the branches and tags directories instead
of directly under those directories?

Then, you could specify it this way:

[myproj:/trunk/ConfidentialFolder]
@myPrivilegedGroup = rw
* =
[myproj:/branches/ConfidentialBranches]
@myPrivilegedGroup = rw
* =
[myproj:/tags/ConfidentialTags]
@myPrivilegedGroup = rw
* =

On Tue, Dec 21, 2010 at 9:46 AM, David Aldrich <David.Aldrich_at_eu.nec.com> wrote:
> Hi
>
>
>
> We host each of our  projects in a separate svn repo and control access
> permissions via Apache.
>
>
>
> In one large project, we need to limit the visibility of a few confidential
> files.  We have done this by specifying something like:
>
>
>
> [myproj:/trunk/ConfidentialFolder]
>
> @myPrivilegedGroup = rw
>
> * =
>
>
>
> The problem with this is that the confidential files become visible to
> everyone when we create a branch. Of course, we could control the visibility
> of the branches by adding further directives but this becomes complex and
> hard to validate. So we think it is best to only set access permissions on
> entire repositories.
>
>
>
> Therefore, we think a better solution would be to put the confidential files
> in their own repo and bring them into the large project with an external.
> However, I am not sure what happens when an external can't be resolved
> because access to the external repo is denied.
>
>
>
> I would welcome any advice on this problem.
>
>
>
> BR
>
>
>
> David 

-- 
David Weintraub
qazwart_at_gmail.com
 Click https://www.mailcontrol.com/sr/m5HZpEx0TeXTndxI!oX7Ui!B!9hWdHWJSayi3ertgL1BdOqvXvhMeYlmF8vykjgUr+eZouLtF3paXEW7R1X!lw==  to report this email as spam.
Received on 2010-12-21 17:00:44 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.