Re: [PATCH] Introduce AuthzSVNGroupsFile configuration option for mod_authz_svn

2013-01-28 Thread Ben Reser
On Mon, Jan 28, 2013 at 3:10 AM, Philip Martin wrote: > Evgeny Kotkov writes: >> * With includes in the configuration files an evil-doer could perform >> cross-repository configuration includes. That theoretically allows >> examining the authorization rules for restricted repositories

Re: [PATCH] Introduce AuthzSVNGroupsFile configuration option for mod_authz_svn

2013-01-28 Thread Ben Reser
On Fri, Jan 25, 2013 at 2:30 AM, Philip Martin wrote: > Are administrators going to want both relative path and absolute path > versions of this directive? If you want repo unique groups you can just put it in authz file and not use this directive. So I kinda doubt there's a use for the repos re

Re: [PATCH] Introduce AuthzSVNGroupsFile configuration option for mod_authz_svn

2013-01-28 Thread Philip Martin
Evgeny Kotkov writes: > * With includes in the configuration files an evil-doer could perform > cross-repository configuration includes. That theoretically allows > examining the authorization rules for restricted repositories (e.g. via > bruteforce). Are you claiming the evil-do

Re: [PATCH] Introduce AuthzSVNGroupsFile configuration option for mod_authz_svn

2013-01-28 Thread Evgeny Kotkov
Philip, sorry for the delay in response (I was out of office). I have carefully considered the include-based approach for this feature, however, there probably are some drawbacks compared to the approach with the groups file directive: - Potential security issues in certain delegation scenarios.

Re: [PATCH] Introduce AuthzSVNGroupsFile configuration option for mod_authz_svn

2013-01-25 Thread Daniel Shahaf
Philip Martin wrote on Fri, Jan 25, 2013 at 10:30:00 +: > I suppose this approach would break the meaning of existing authz files > already using '[inherit]'. Another approach would be to use some > non-INI syntax to define include files. That's not a problem. 'inherit' is not "groups" or "

Re: [PATCH] Introduce AuthzSVNGroupsFile configuration option for mod_authz_svn

2013-01-25 Thread Philip Martin
Ivan Zhakov writes: > On Wed, Jan 23, 2013 at 7:27 PM, Evgeny Kotkov > wrote: >> When AuthzSVNReposRelativeAccessFile directive is being used and >> authorization rules are stored per-repository, it is usually required to >> have a single set of groups for all repositories. >> >> In other words,

Re: [PATCH] Introduce AuthzSVNGroupsFile configuration option for mod_authz_svn

2013-01-25 Thread Ivan Zhakov
On Wed, Jan 23, 2013 at 7:27 PM, Evgeny Kotkov wrote: > When AuthzSVNReposRelativeAccessFile directive is being used and > authorization rules are stored per-repository, it is usually required to > have a single set of groups for all repositories. > > In other words, there can be a 'developers' gr