Right now i'm trying to narrow a complex subversi开发者_StackOverflow中文版on problem and performing lots of small tests with creating and accessing repositories normally via file:// protocol. I have tried to add some security to such local repository by setting password-db and authz-db in repository /conf/svnserve.conf but seems svn client ignores such settings while using file:// protocol. Is path security possible at all with file:// protcol or i need to start a svnserve daemon?
Accessing a file:// repository uses the operating system's file functions. You can therefore make use of the filesystem security functionality your OS has: Just configure the permissions to the repository directory via your OS's interface.
For example, to allow only svnserve and members of the group svnusers access to your repository on a classical UNIX system, execute the following as root:
$ chown svnserve:svnusers /my/repository
$ chmod 770 /my/repository
With file:// protocol each subversion client is acting as the svn server when accessing the repository. This essentially means that the users are responsible for enforcing their own permissions.
Even if you were able to give users narrow permissions to specific paths within the repository, they would still need read/write OS-level permission to the file:// path which would let them read or even corrupt the whole repository anyway.
If you want real security, you need to host the repository through another service such as svnserve which enforces the user permissions.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论