
List:       subversion-issues
Subject:    [Issue 2486] New - Svnserve 1.3 authz: w
From:       lgo () tigris ! org
Date:       2006-01-22 20:51:19
Message-ID: 20060122205119.1024.qmail () tigris ! org

http://subversion.tigris.org/issues/show_bug.cgi?id=2486
                 Issue #|2486
                 Summary|Svnserve 1.3 authz: writing on subfolder requires read
                        | access on repository root
               Component|subversion
                 Version|1.3.x
                Platform|PC
                     URL|
              OS/Version|All
                  Status|NEW
       Status whiteboard|
                Keywords|
              Resolution|
              Issue type|DEFECT
                Priority|P3
            Subcomponent|libsvn_repos
             Assigned to|issues@subversion
             Reported by|lgo






------- Additional comments from lgo@tigris.org Sun Jan 22 12:51:19 -0800 2006 -------
Environment: Subversion 1.3 on Windows (XP)
             svnserve standalone.
             
Problem description:

When using the new authz code in svnserve 1.3, if a user needs access on a
folder, she has to have read access on the repository root as well.
[ Thread on users list is available at:
http://svn.haxx.se/users/archive-2006-01/0469.shtml ]
[ Thread on dev list started at: http://svn.haxx.se/dev/archive-2006-01/0406.shtml ]

Example environment: 
- a repository in c:\svn\repos
- a working copy of that repository pointing to svn://localhost/repos/trunk
- an authz access file containing:

[/]
* =

[repos:/trunk]
* = rw

When committing a changed file from the working copy, the commit will fail with
error:
Error: Commit failed (details follow):  
Error: Access denied  

If we now change the first section, the commit succeeds:
[/]
* = r

A check in the code and a short discussion with David Anderson on IRC showed that:
- svnserve requires read access to the repository root for commits.
- this behaviour is by design.
- mod_authz_svn doesn't have this behaviour, making both implementations of the
same authz model incompatible.

This problem typically impacts teams that store more than one project in a
repository, where the projects are subfolders in the repository root folder.
However, this feature is new in svnserve 1.3 so it probably has no high impact.

The root cause of this issue seems to be this:

libsvn_repos/commit.c open_root(): added in r15608
  /* Check read access to root */
  SVN_ERR(check_authz (eb, "/", eb->txn_root, svn_authz_read, pool));

The read access is needed so Subversion can 'cd' into the root folder and move
down to the target folder.

My suggested solution is to introduce an svn_authz_execute access right
internally, but to not expose it to the outside world. Instead,
svn_authz_execute is granted on a folder automatically when the user has read or
write rights on the folder or one of its subfolders. 
So in this case the folder we check on is the repository's root folder, the
svn_authz_execute access right is granted whenever someone has r/w access
somewhere in that repository.

If people agree with this solution, I'll provide a patch.
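
Added example, not part of the original message and not Subversion's code: a small C model of the two commit gates discussed above (read on the root, as in the r15608 check, versus the suggested internal traverse right), run against the two authz files from the report. The rule table, the function names and the single-user lookup are assumptions made for illustration; [repos:/trunk] is modelled as /trunk.

```c
#include <stdio.h>
#include <string.h>
enum { ACC_NONE = 0, ACC_READ = 1, ACC_WRITE = 2 };
struct rule { const char *path; int access; };   /* one authz section for user "*" */

/* Constructed sample data: the two authz files from the report. */
static const struct rule denied_root[]   = { { "/", ACC_NONE }, { "/trunk", ACC_READ | ACC_WRITE } };
static const struct rule readable_root[] = { { "/", ACC_READ }, { "/trunk", ACC_READ | ACC_WRITE } };

/* True if path is dir itself or lies below it. */
static int is_within(const char *dir, const char *path) {
    size_t n = strlen(dir);
    if (strncmp(dir, path, n) != 0) return 0;
    return n == 1 || path[n] == '\0' || path[n] == '/';
}

/* Access from the most specific section covering path; no section means no access. */
static int effective_access(const struct rule *r, size_t n, const char *path) {
    size_t best = 0; int acc = ACC_NONE;
    for (size_t i = 0; i < n; i++) {
        size_t len = strlen(r[i].path);
        if (is_within(r[i].path, path) && len >= best) { best = len; acc = r[i].access; }
    }
    return acc;
}

/* Hypothetical internal traverse right: held on dir when the user has read or
   write on dir or anywhere below it. It permits descending only, never listing. */
static int can_traverse(const struct rule *r, size_t n, const char *dir) {
    if (effective_access(r, n, dir) != ACC_NONE) return 1;
    for (size_t i = 0; i < n; i++)
        if (is_within(dir, r[i].path) && r[i].access != ACC_NONE) return 1;
    return 0;
}

/* Commit gate as the report describes it: read on "/" plus write on the target. */
static int commit_allowed_current(const struct rule *r, size_t n, const char *target) {
    return (effective_access(r, n, "/") & ACC_READ) && (effective_access(r, n, target) & ACC_WRITE);
}

/* Commit gate with the suggested change: traverse on "/" plus write on the target. */
static int commit_allowed_proposed(const struct rule *r, size_t n, const char *target) {
    return can_traverse(r, n, "/") && (effective_access(r, n, target) & ACC_WRITE);
}

int main(void) {
    printf("denied root: current=%d proposed=%d; readable root: current=%d\n", commit_allowed_current(denied_root, 2, "/trunk/file.c"),
           commit_allowed_proposed(denied_root, 2, "/trunk/file.c"), commit_allowed_current(readable_root, 2, "/trunk/file.c"));
    return 0;
}
```

In this model the traverse right replaces only the root check: a commit outside /trunk is still refused because the write check on the target path is unchanged.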
