subversion-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hannes Reich <>
Subject Re: Re: [PATCH] Re: Ancestor directory permissions in authz
Date Mon, 15 Dec 2014 14:01:57 GMT
On 11/12/14 17:14, Branko ─îibej wrote:
 > I have to admit I'm having a bit of trouble understanding what the
 > patch is supposed to do. Can you please explain, with examples, what
 > you're trying to achieve?

Do the examples in my first mail of this thread help?

 > FWIW, I've been looking at adding directory traversal permission to
 > authz: this permission means you're allowed to know about the existence
 > of a path, but not its contents (i.e, know that a directory exists, and
 > even lookup specific children by name, but not read the directory
 > contents).

That sounds like the authz-overhaul branch mentioned by C. Michael
Pilato.  Is it the same thing?

 > I suspect what you're trying to do is a fairly incomplete
 > subset of that.

I think it is a subset, plus a shorthand way of granting traversal
permission for all containing directories of a given path.

 > There's also ^/subversion/branches/authzperf, which implements wildcard
 > support for authz files (among other performance improvements). I
 > suspect that this would cover many of your use cases.

Wildcards in paths would solve the biggest problem I have with the
current authz implementation, namely the need to explicitly deny
permission on many paths.  I didn't go down that route myself because I
was worried about the performance impact of wildcard matching.

With wildcards, the resulting configuration for my scenario would still
be somewhat verbose and error prone.  If my reading of is correct, the
example from my first mail could be expressed as:


That's 7 rules implement "The restricted user should be able to check
out /A/C/public1 and /D/public2 in a single working copy". I works, but
I would still prefer to write



View raw message