Re: Recommendation for path-based authorisation auditing tool?

On Thu, Sep 26, 2013 at 10:50 AM, David Aldrich
<David.Aldrich_at_emea.nec.com>wrote:

> We use path-based authorisation to control access to our svn
> repositories. The authorisation rules can be quite complex as we apply
> different authorisations across various branches and directories of our
> projects. It is quite hard to be sure that the required permissions
> structure is correctly implemented.
>
> **
>
> ** **
>
> Therefore, we are looking for a tool to help audit the permissions. I am
> aware that there are various commercial tools available. The ones I have
> seen are part of larger svn tool suites and not available separately. They
> are therefore expensive.****
>
> ** **
>
> I am wondering whether anyone would recommend a suitable tool for
> controlling or auditing path-based permissions? --
>

Define what you mean by auditing? I am not aware of any commercial tools
that do this. There are certainly tools that provide their own UI for
defining the permissions and probably leave an audit trail of who made the
changes, but that does not seem like what you want.

With SVN 1.8 you can store the authz files in the repository -- so that
would give an audit trail.

Also, there is a command line tool that can be used to validate the file as
well as run checks on the rules. See:

http://subversion.apache.org/docs/release-notes/1.8.html#svnauthz_accessof

Thanks

Mark Phippard
http://markphip.blogspot.com/
Received on 2013-09-26 16:56:33 CEST