subversion-users mailing list archives

From Stefan Sperling <s...@elego.de>
Subject Re: view log problem with path authorization
Date Mon, 30 May 2016 10:57:40 GMT
On Tue, May 24, 2016 at 08:40:29AM +0000, Phil Crooker wrote:
> Newbie question - I have authenticated users with read or r/w access are unable to view logs, eg:
> 
> 
>     # svn --username whatever --password xxxxx svn://svn/repos/project/yada.txt
> 
>     svn: Item is not readable
> 
> I must grant anonymous read access in authz and then it works:
> 
> 
>     [/]
> 
>         * = r
> 
> 
> I've seen this reported earlier but no answer:
> 
> 
>     http://svn.haxx.se/users/archive-2011-02/0141.shtml
> 
>     http://stackoverflow.com/questions/6651997/svn-show-log-not-working
> 
> 
> My question is why can't an authenticated user who has rights see the logs?

Hi Phil,

The use case scenario behind the design of the authz feature is the following:

Imagine you're setting up a competition, where teams apply to compete
and write some piece of software for you based on a specification.
Your competition has the following constraints:
 - No team should be aware of who else is competing.
 - You're hosting all competing teams in a single repository.

In this scenario, the following information must be protected:
 - file content
 - the knowledge of which paths exist in the repository
 - the knowledge of which authors make commits to the repository

'svn log' always shows the author name, and the list of changed paths
is available with 'svn log -v'. And because log messages are free-form,
they may contain content which would leak such information.
For example, developers might refer to each other in log messages
("Review by: Robert") or they might refer to paths in the repository
("team1/project1/main.c: Fix crash with --help option.")

That's why, if any path in the changed paths list of a revision is
forbidden to the authenticated user, the *entire* information which
would be provided by 'svn log' is hidden from that user.

I suspect that, in your scenario, SVN denies access to the revision
log based on the above reasoning.
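
The rule described in this message, as an added example that is not part of the original message and is not Subversion's own code: a simplified model that hides a whole log entry when any changed path is unreadable to the user. The authz text, the history and the function names are constructed for illustration; groups and other authz features are not modelled.

```python
import configparser
from posixpath import dirname

# Constructed authz file for the competition scenario (not from the thread).
AUTHZ = """
[/]
admin = rw
[/team1]
alice = rw
[/team2]
bob = rw
"""

# Constructed history: revision -> (author, changed paths, log message).
HISTORY = {
    1: ("alice", ["/team1/project1/main.c"], "Fix crash with --help option."),
    2: ("bob", ["/team2/solver.c"], "Review by: Robert"),
    3: ("admin", ["/team1/README", "/team2/README"], "Add rules to each team dir."),
}

def load_rules(text):
    """Parse [path] sections into {path: {user: access}}."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.optionxform = str  # keep user names case-sensitive
    cp.read_string(text)
    return {sec: dict(cp[sec]) for sec in cp.sections()}

def can_read(rules, user, path):
    """The nearest ancestor section naming the user or '*' decides access."""
    while True:
        section = rules.get(path, {})
        grants = [section[k] for k in (user, "*") if k in section]
        if grants:
            return any("r" in g for g in grants)
        if path == "/":
            return False  # no matching rule anywhere: denied
        path = dirname(path)

def visible_log(rules, user, history):
    """One unreadable changed path withholds the entire entry (modelled as None)."""
    out = {}
    for rev, (author, paths, msg) in history.items():
        readable = all(can_read(rules, user, p) for p in paths)
        out[rev] = (author, paths, msg) if readable else None
    return out

if __name__ == "__main__":
    for user in ("alice", "bob", "admin"):
        print(user, visible_log(load_rules(AUTHZ), user, HISTORY))
```

In this model alice loses revision 3 as well as revision 2, because the admin commit touched a path under /team2 that she cannot read.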
