Disallowing read permission for a single user

[Erik Tews <e_...@cdc.informatik.tu-darmstadt.de>]

Hi

I have a repository and a lot of users. All users except john should be
able to read the data. John should not be allowed to read anything. Can
I configure this, without having to enumerate all users in authz.conf? I
tried this, but somehow, john is still allowed to read:

[rep:/]
* = r
john =

The same holds if I switch the lines with * and john.

Re: Disallowing read permission for a single user

[Mark Reibert <sv...@reibert.com>]

I believe the issue is the permissions from a repository-unqualified
path (say, [/]) are merged (in the union sense) with those of a specific
repository. If this is true then it seems like a bug as the SVN Book
claims the most-specific path is the one that matters.

The work around is to lock everything down, then just open up what you
need, but this makes it pretty cumbersome to manage the access control.

On Mon, 2008-03-31 at 12:15 +0200, Erik Tews wrote:
> Hi
> 
> I have a repository and a lot of users. All users except john should be
> able to read the data. John should not be allowed to read anything. Can
> I configure this, without having to enumerate all users in authz.conf? I
> tried this, but somehow, john is still allowed to read:
> 
> [rep:/]
> * = r
> john =
> 
> The same holds if I switch the lines with * and john.
-- 
----------------------
Mark S. Reibert, Ph.D.
svn@reibert.com
----------------------


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: Disallowing read permission for a single user

[da...@jpmorgan.com]

I'm afraid not ... maybe if the issue gets more and more subscribers to it 
then it'll become a higher priority for fix.

Dg.
--
David Grierson
JPMorgan - IB Architecture - Source Code Management Consultant
GDP 228-5574 / DDI +44 141 228 5574 / Email david.x.grierson@jpmorgan.com
Alhambra House 6th floor, 45 Waterloo Street, Glasgow G2 6HS
 



Erik Tews <e_...@cdc.informatik.tu-darmstadt.de> 
31/03/2008 11:21

To
david.x.grierson@jpmorgan.com
cc
Subversion Users <us...@subversion.tigris.org>
Subject
Re: Disallowing read permission for a single user






Yes, looks very similar.

Any idea how to fix it? There is currently no fixed attached to the
ticket.

On Mo, 2008-03-31 at 11:17 +0100, david.x.grierson@jpmorgan.com wrote:
> Hi Erik,
> 
> I think this is the same as the defect I raised here -> 
> http://subversion.tigris.org/issues/show_bug.cgi?id=2907
> 
> Regards,
> 
> David.
[attachment "signature.asc" deleted by David X Grierson/JPMCHASE] 

Generally, this communication is for informational purposes only
and it is not intended as an offer or solicitation for the purchase
or sale of any financial instrument or as an official confirmation
of any transaction. In the event you are receiving the offering
materials attached below related to your interest in hedge funds or
private equity, this communication may be intended as an offer or
solicitation for the purchase or sale of such fund(s).  All market
prices, data and other information are not warranted as to
completeness or accuracy and are subject to change without notice.
Any comments or statements made herein do not necessarily reflect
those of JPMorgan Chase & Co., its subsidiaries and affiliates.

This transmission may contain information that is privileged,
confidential, legally privileged, and/or exempt from disclosure
under applicable law. If you are not the intended recipient, you
are hereby notified that any disclosure, copying, distribution, or
use of the information contained herein (including any reliance
thereon) is STRICTLY PROHIBITED. Although this transmission and any
attachments are believed to be free of any virus or other defect
that might affect any computer system into which it is received and
opened, it is the responsibility of the recipient to ensure that it
is virus free and no responsibility is accepted by JPMorgan Chase &
Co., its subsidiaries and affiliates, as applicable, for any loss
or damage arising in any way from its use. If you received this
transmission in error, please immediately contact the sender and
destroy the material in its entirety, whether in electronic or hard
copy format. Thank you.
Please refer to http://www.jpmorgan.com/pages/disclosures for
disclosures relating to UK legal entities.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: Disallowing read permission for a single user

[Erik Tews <e_...@cdc.informatik.tu-darmstadt.de>]

Yes, looks very similar.

Any idea how to fix it? There is currently no fixed attached to the
ticket.

On Mo, 2008-03-31 at 11:17 +0100, david.x.grierson@jpmorgan.com wrote:
> Hi Erik,
> 
> I think this is the same as the defect I raised here -> 
> http://subversion.tigris.org/issues/show_bug.cgi?id=2907
> 
> Regards,
> 
> David.

Re: Disallowing read permission for a single user

[da...@jpmorgan.com]

Hi Erik,

I think this is the same as the defect I raised here -> 
http://subversion.tigris.org/issues/show_bug.cgi?id=2907

Regards,

David.
--
David Grierson
JPMorgan - IB Architecture - Source Code Management Consultant
GDP 228-5574 / DDI +44 141 228 5574 / Email david.x.grierson@jpmorgan.com
Alhambra House 6th floor, 45 Waterloo Street, Glasgow G2 6HS
 



Erik Tews <e_...@cdc.informatik.tu-darmstadt.de> 
31/03/2008 11:15

To
Subversion Users <us...@subversion.tigris.org>
cc

Subject
Disallowing read permission for a single user






Hi

I have a repository and a lot of users. All users except john should be
able to read the data. John should not be allowed to read anything. Can
I configure this, without having to enumerate all users in authz.conf? I
tried this, but somehow, john is still allowed to read:

[rep:/]
* = r
john =

The same holds if I switch the lines with * and john.
[attachment "signature.asc" deleted by David X Grierson/JPMCHASE] 

Generally, this communication is for informational purposes only
and it is not intended as an offer or solicitation for the purchase
or sale of any financial instrument or as an official confirmation
of any transaction. In the event you are receiving the offering
materials attached below related to your interest in hedge funds or
private equity, this communication may be intended as an offer or
solicitation for the purchase or sale of such fund(s).  All market
prices, data and other information are not warranted as to
completeness or accuracy and are subject to change without notice.
Any comments or statements made herein do not necessarily reflect
those of JPMorgan Chase & Co., its subsidiaries and affiliates.

This transmission may contain information that is privileged,
confidential, legally privileged, and/or exempt from disclosure
under applicable law. If you are not the intended recipient, you
are hereby notified that any disclosure, copying, distribution, or
use of the information contained herein (including any reliance
thereon) is STRICTLY PROHIBITED. Although this transmission and any
attachments are believed to be free of any virus or other defect
that might affect any computer system into which it is received and
opened, it is the responsibility of the recipient to ensure that it
is virus free and no responsibility is accepted by JPMorgan Chase &
Co., its subsidiaries and affiliates, as applicable, for any loss
or damage arising in any way from its use. If you received this
transmission in error, please immediately contact the sender and
destroy the material in its entirety, whether in electronic or hard
copy format. Thank you.
Please refer to http://www.jpmorgan.com/pages/disclosures for
disclosures relating to UK legal entities.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org