
Re: authz via properties?

From: Branko Čibej <brane_at_wandisco.com>
Date: Fri, 18 Oct 2013 02:46:39 +0100

On 17.10.2013 20:00, Alexey Neyman wrote:
> Hi all,
>
> We are actively using authz path-based authentication rules: due to some legal
> requirements, some parts of our product source code are not accessible to a
> part of the developer team. Currently authz does not support wildcards (there
> is an issue about that [1] discussed since 2006). Because of this, each time a
> branch is created, authz rules have to be copied and modified for the new
> branch.
>
> This leads to a proliferation of authz rules; our authz is currently about
> 2000 lines and growing. I am currently implementing a post-commit script so
> that we would be able to record authz rules on files/directories, and authz
> would be appended with new rules every time these files/directories are
> copied.
>
> First, I am wondering how well such 'authz' approach would scale. Has anyone
> run scalability tests on authz?
>
> Second, I thought that if I am using properties to track authz-controlled
> files, SVN server would probably do that more effectively than a post-commit
> script. As an added value, property-based authz would allow versioning in
> path-based auth configuration that current mechanism does not allow. E.g.,
> currently one could either configure path /foo as either R/O, R/W or
> inaccessible to user U; it is not possible to configure the path to be
> inaccessible before/after a certain revision.
>
> Thoughts? Ideas?

Properties are not suitable for storing ACLs because they are immutable;
i.e., you cannot change properties on committed files and directories.
You need a different kind of structure, one that the Subversion
repository does not have yet.

In-repository ACLs are a feature that we'd like to add to the new
repository back-end that's being developed. But don't hold your breath;
it will be several years before this is available. In the meantime, one
authz file per repository (and preferably stored /in/ the repository,
which is a new feature in 1.8) is IMO the best available option.

You can also use the pre-commit and pre-revprop-change hooks and build
your own authz system around those, but that's a lot of work.

-- Brane

-- 
Branko Čibej | Director of Subversion
WANdisco // Non-Stop Data
e. brane_at_wandisco.com
Received on 2013-10-18 03:47:09 CEST
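The rule-propagation step described in the quoted question, as an added example that is not code from this thread or from the Subversion project: it reads an authz file in its INI format with Python's configparser and duplicates every path section under a copied source for the copy destination, so a new branch inherits the restrictions of the tree it was copied from. The sample authz text and the copy pairs are constructed here (a real post-commit hook would derive the pairs from `svnlook changed --copy-info`).

```python
import configparser
import io

# Constructed sample authz (not from the thread): a licence-restricted subtree
# under trunk that one group of developers must not be able to read.
SAMPLE_AUTHZ = """\
[groups]
core = alice, bob
restricted = carol

[/]
* = r

[proj:/trunk/licensed]
@restricted =
@core = rw

[proj:/trunk/licensed/vendor]
* =
@core = r
"""

def _load(authz_text):
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.optionxform = str  # keep case and the '@' / '*' of user, group and wildcard keys
    cp.read_string(authz_text)
    return cp

def propagate_rules(authz_text, copies):
    """Duplicate every path rule under each copied source path for its destination.
    Sections already present for the destination are left alone, so running this
    from post-commit on every copy is idempotent and never overrides an admin's edit."""
    cp = _load(authz_text)
    for src, dst in copies:
        src, dst = "/" + src.strip("/"), "/" + dst.strip("/")
        for section in list(cp.sections()):
            repo, sep, path = section.partition(":")  # "[repo:/path]" or "[/path]"
            if not sep:
                repo, path = "", repo
            if path != src and not path.startswith(src + "/"):
                continue  # [groups], [/] and unrelated paths are not copied
            new_section = (repo + ":" if repo else "") + dst + path[len(src):]
            if not cp.has_section(new_section):
                cp.add_section(new_section)
                for key, value in cp.items(section):
                    cp.set(new_section, key, value)
    out = io.StringIO()
    cp.write(out)
    return out.getvalue()

def section_rules(authz_text, section):
    """Rules of one [section] as a dict, or {} if the section does not exist."""
    cp = _load(authz_text)
    return dict(cp.items(section)) if cp.has_section(section) else {}
```

Because the generated file is plain text, it can itself be committed to the repository, which is the "authz stored in the repository" arrangement the reply recommends.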

This is an archived mail posted to the Subversion Users mailing list.
