Date: Mon, 30 May 2016 12:57:40 +0200
From: Stefan Sperling
To: Phil Crooker
Cc: "users@subversion.apache.org"
Subject: Re: view log problem with path authorization

On Tue, May 24, 2016 at 08:40:29AM +0000, Phil Crooker wrote:
> Newbie question - I have authenticated users with read or r/w access are unable to view logs, eg:
>
> # svn --username whatever --password xxxxx svn://svn/repos/project/yada.txt
>
> svn: Item is not readable
>
> I must grant anonymous read access in authz and then it works:
>
> [/]
>
> * = r
>
> I've seen this reported earlier but no answer:
>
> http://svn.haxx.se/users/archive-2011-02/0141.shtml
>
> http://stackoverflow.com/questions/6651997/svn-show-log-not-working
>
> My question is why can't an authenticated user who has rights see the logs?

Hi Phil,

The use case scenario behind the design of the authz feature is the following:

Imagine you're setting up a competition, where teams apply to compete and write some piece of software for you based on a specification. Your competition has the following constraints:

- No team should be aware of who else is competing.
- You're hosting all competing teams in a single repository.

In this scenario, the following information must be protected:

- file content
- the knowledge of which paths exist in the repository
- the knowledge of which authors make commits to the repository

'svn log' always shows the author name, and the list of changed paths is available with 'svn log -v'. And because log messages are free-form, they may contain content which would leak such information. For example, developers might refer to each other in log messages ("Review by: Robert") or they might refer to paths in the repository ("team1/project1/main.c: Fix crash with --help option.")

That's why, if any path in the changed paths list of a revision is forbidden to the authenticated user, the *entire* information which would be provided by 'svn log' is hidden from that user.

I suspect that, in your scenario, SVN denies access to the revision log based on the above reasoning.
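
The rule described in the message above, as an added example that is not part of the original e-mail and is not Subversion's code: a small Python model of the competition scenario showing which log entries each user can see, and what the `[/] * = r` workaround from the quoted question exposes. The users, paths, revisions and the simplified nearest-ancestor authz lookup are all constructed assumptions.

```python
# Constructed authz rules for the competition scenario: path -> {user: access}.
# "" means no access; "*" stands for everyone.
AUTHZ = {
    "/": {"*": ""},
    "/team1": {"alice": "rw"},
    "/team2": {"bob": "rw"},
}
# The workaround from the quoted question: [/] * = r
OPEN_AUTHZ = dict(AUTHZ, **{"/": {"*": "r"}})

# Constructed history: (revnum, author, changed paths, log message).
REVISIONS = [
    (1, "alice", ["/team1/project1/main.c"], "Fix crash with --help option."),
    (2, "bob", ["/team2/app.py"], "Initial import. Review by: Robert"),
    (3, "admin", ["/team1/README", "/team2/README"], "Add rules for both teams."),
]


def can_read(authz, user, path):
    """Simplified lookup: the most specific section that names the user
    (or '*') decides; otherwise fall back to the parent directory."""
    parts = path.rstrip("/").split("/")
    while parts:
        section = authz.get("/".join(parts) or "/", {})
        for who in (user, "*"):
            if who in section:
                return "r" in section[who]
        parts.pop()
    return False


def log_entry(authz, user, rev):
    """What the log may show for one revision under the rule in the message:
    a single unreadable changed path hides the whole entry."""
    revnum, author, paths, message = rev
    if all(can_read(authz, user, p) for p in paths):
        return {"rev": revnum, "author": author, "paths": paths, "msg": message}
    return {"rev": revnum, "author": None, "paths": [], "msg": None}


def visible_revs(authz, user, revisions=REVISIONS):
    """Revision numbers whose log entry is fully visible to the user."""
    return [r[0] for r in revisions if log_entry(authz, user, r)["author"]]
```

With the restrictive rules each team sees only its own revision, and revision 3 is hidden from both because it touches a path each of them cannot read; with `OPEN_AUTHZ` every user sees every author, path and log message.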