subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Branko ─îibej <br...@wandisco.com>
Subject Re: Add $authenticated to group definition
Date Fri, 16 Jan 2015 13:14:00 GMT
On 16.01.2015 13:55, Tom Ghyselinck wrote:
> Hi Brane,
>
> Thank you for the quick reply!
>
> Our point is that we would like define groups as
>         <service>-<access>-<group>
>
>
> I.e. For our subversion service:
>         vcs-r-some_group
> defines that "some_group" has "read" access for the subversion
> repository.
>
> - Some repositories allow read access to a select number of users.
> - Other repositories allow read access to all "authenticated
> users" (i.e. $authenticated).
>
> When we could add "$authenticated" to the "vcs-r-some_group",
> then this can be controlled by a single group while now, we need to add
> both.

Or you could just keep your group definitions up to date when you give
new users access to the repository. From the point of view of security,
this is actually the better option because it avoids mistakes. I.e.,
it's easier to see that you forgot to give someone access (they'll
report that) than that you unintentionally gave someone access (you have
to keep checking logs for that).

-- Brane


Mime
View raw message