subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache subversion Wiki <comm...@subversion.apache.org>
Subject [Subversion Wiki] Update of "InRepoAuthz" by BenReser
Date Mon, 05 Nov 2012 15:49:47 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Subversion Wiki" for change notification.

The "InRepoAuthz" page has been changed by BenReser:
http://wiki.apache.org/subversion/InRepoAuthz?action=diff&rev1=6&rev2=7

  
  One obvious question is the security of the Authz file once it is stored within the repository.
 This would be left up to the user to implement via the Authz file themselves.  Appropriate
documentation would be written.  In the case of an Authz file being committed that prevented
all access to a repository it could be repaired with ra_local since Authz is not applicable
there.
  
+ Another common question is what happens if you commit and Authz file that disallows access
to everyone.  RA local access `file://` does not implement authz.  So an admin with access
to the filesystem that the repository can commit a fixed authz file.
+ 
  === Performance ===
  
  Until this is implemented on an experimental branch performance will not be clear.  However,
in the case where the Authz file is in the same repo as the repo which it is protecting we
should be able to use the repository connection for both retrieving the Authz file and the
actions of the client, which should minimize the overhead.  Server side caches will also aid
with performance and if the data is already cached in memory should result in similar performance
to a file system hosted Authz file which would likely be cached by the OS in memory.

Mime
View raw message