You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Kamesh Jayachandran <ka...@collab.net> on 2012/07/19 16:28:53 UTC
RE: svn commit: r1363336 - /subversion/trunk/notes/authz_policy.txt
small typo.
-he or see
+he or she
With regards
Kamesh Jayachandrancmpilato@apache.org wrote:Author: cmpilato
Date: Thu Jul 19 13:54:38 2012
New Revision: 1363336
URL: http://svn.apache.org/viewvc?rev=1363336&view=rev
Log:
* notes/authz_policy.txt
(REVISION PROPERTIES): It's been years, but document the reasoning
behind revprop access gating at all, noting specifically why we
don't care about a user's write access to changed paths when
considering revprop get/set acccess.
Modified:
subversion/trunk/notes/authz_policy.txt
Modified: subversion/trunk/notes/authz_policy.txt
URL: http://svn.apache.org/viewvc/subversion/trunk/notes/authz_policy.txt?rev=1363336&r1=1363335&r2=1363336&view=diff
==============================================================================
--- subversion/trunk/notes/authz_policy.txt (original)
+++ subversion/trunk/notes/authz_policy.txt Thu Jul 19 13:54:38 2012
@@ -111,6 +111,21 @@ WHAT USERS SHOULD EXPECT FROM PATH-BASED
This situation is quite annoying for people who can't read all the
changed-paths.
+ Notice that for the purposes of gating read and write access to
+ revision properties, Subversion never considers the user's *write*
+ access to the changed-paths. To understand the reason behind this,
+ it helps to understand why revprop access is gated at all.
+ Subversion assumes that revprops for a given revision -- especially
+ the log message (svn:log) property -- are likely to reveal paths
+ modified in that revision. It is precisely because Subversion
+ tries not to reveal unreadable paths to users that revprop access
+ is limited as described above. So as long as the user has the
+ requisite read access to the changed-paths, it's okay if he or see
+ lacks write access to one or more of those paths when attempting to
+ set or change revprops -- the information Subversion is trying to
+ protect through its revprop access control is considered safe to
+ reveal to that user.
+
6. KNOWN LEAKAGE OF UNREADABLE PATHS
Re: svn commit: r1363336 - /subversion/trunk/notes/authz_policy.txt
Posted by "C. Michael Pilato" <cm...@collab.net>.
On 07/19/2012 10:28 AM, Kamesh Jayachandran wrote:
> small typo.
>
> -he or see
> +he or she
Oops! Thanks. Fixed in r1363357.
--
C. Michael Pilato <cm...@collab.net>
CollabNet <> www.collab.net <> Enterprise Cloud Development