
Re: How to prevent casual browsing

From: Peter Flynn <peter_at_silmaril.ie>
Date: Sun, 01 Dec 2013 18:15:45 +0000

On 12/01/2013 04:51 PM, olli hauer wrote:
> On 2013-12-01 15:39, Peter Flynn wrote:
>> I have a number of svn repositories running under Apache+subversion on
>> CentOS6/64, with Submin to provide a web GUI to manage them:
>>
>> server.name/svn/foo
>> server.name/svn/bar
>> server.name/svn/blort
>> etc
>>
>> All of them are private; all but one of them are single-user (me) so
>> that I can carry on working from any of my machines in multiple
>> locations. One of them is shared with colleagues on a project: they all
>> have read/write privs on that repo.
>>
>> The URIs are not published or linked, and my colleagues are all well
>> aware of the need to keep their shared URI private. But the requirement
>> is that none of them must be open to casual read access via a web
>> browser, in case someone happens to stumble upon or guess the URI.
>>
>> I am having problems getting the access privs right, as they keep
>> causing "svn: E220000: Not authorized to open root of edit operation"
>> during an svn up. However, in a long exchange with the very helpful
>> submin support
>> (https://ssl.supermind.nl/collab/projects/submin/ticket/336) we have
>> failed to identify settings that work.
>>
>> Currently the svn/conf/authz file says
>>
>>> [groups]
>>> dev = a,b,c,d,e,me
>>>
>>> [foo:/]
>>> @dev = rw
>>>
>>> [bar:/]
>>> me = rw
>>>
>>> [blort:/]
>>> me = rw
>>
>> The Apache conf.d/subversion.conf says:
>>
>>> <Location /svn>
>>> DAV svn
>>> SVNParentPath /var/lib/submin/svn
>>> # removed GET from LimitExcept to prevent casual browsing
>>> <LimitExcept PROPFIND OPTIONS REPORT>
>>> AuthType Basic
>>> AuthName "Authorization Realm"
>>> AuthUserFile /etc/svn.auth
>>> Require valid-user
>>> </LimitExcept>
>>> </Location>
>>
>> and svn.auth specifies a username:encryptedpassword pair for each member
>> of [groups] in the usual way.
>>
>> 1. Browsing with a web browser causes a prompt for the username/password
>> as expected.
>>
>> 2. An svn ci operation works fine.
>>
>> 3. An svn up operation fails, and always causes an E220000 error.
>>
>> 4. Replacing the GET in the LimitExcept config allows svn up to work
>> without error, but allows casual browsing of the web interface.
>>
>> Is there a way to prevent the casual browsing while avoiding the E220000
>> error?
>>
>
>
> You do not have AuthzSVNAccessFile $path/to/authz in your Location config.

I'm sorry, I omitted to say that the submin installation included an
apache-svn.conf which is soft-linked into the httpd/conf.d directory,
and that *does* include the AuthzSVNAccessFile
/var/lib/submin/conf/authz line. This is the default for submin.

> <IfModule mod_authn_dbd.c>
> DBDriver sqlite3
> DBDParams "/var/lib/submin/conf/submin.db"
>
> <IfModule mod_dav_svn.c>
> <Location "/svn">
> DAV svn
> SVNParentPath /var/lib/submin/svn
>
> AuthType Basic
> AuthName "Subversion repository"
>
> # Authentication
> AuthBasicProvider dbd
> AuthDBDUserPWQuery "SELECT password FROM users WHERE name=%s"
>
> # Authorization
> AuthzSVNAccessFile /var/lib/submin/conf/authz
>
> Satisfy Any
> Require valid-user
> </Location>
> </IfModule>
> </IfModule>

(and mod_authn_dbd is included in httpd.conf). Is this Location
conflicting with the one in subversion.conf, and which one should take
precedence?

///Peter
Received on 2013-12-01 19:16:23 CET
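
A single block that requires a login for every HTTP method and then applies the authz file, as an added example that is not part of the original mail or of Submin's shipped configuration. It reuses the paths quoted in the message and assumes Apache 2.2 (the CentOS 6 httpd) and that no other `<Location /svn>` block is loaded alongside it.

```apache
# Added example, not Submin's own file.
# Assumption: this is the only <Location /svn> block the server loads, so no
# second block for the same path is merged over it.
<IfModule mod_dav_svn.c>
<Location "/svn">
    DAV svn
    SVNParentPath /var/lib/submin/svn

    # Authentication: there is no <LimitExcept> wrapper, so GET, PROPFIND,
    # OPTIONS and REPORT require a login in the same way commits do.
    AuthType Basic
    AuthName "Subversion repository"
    # Password file from the subversion.conf quoted above. Submin's
    # AuthBasicProvider dbd / AuthDBDUserPWQuery pair could be used instead.
    AuthUserFile /etc/svn.auth

    # Authorization: per-repository rules are applied to the logged-in user.
    AuthzSVNAccessFile /var/lib/submin/conf/authz

    # Both the login and the authz check must pass (Apache 2.2 syntax).
    Satisfy All
    Require valid-user
</Location>
</IfModule>
```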

This is an archived mail posted to the Subversion Users mailing list.
