Re: fine

2011-06-02 Thread Nico Kadel-Garcia
On Thu, Jun 2, 2011 at 4:54 PM, Andy Levy wrote: > On Thu, Jun 2, 2011 at 16:47, alexus wrote: >> ok, path based authentication how would I accomplish that? >> >> I'm using apache for svn, I'm not using svnserve >> > > 90% of the time, the manual has the answers. This is one of those > times. >

Re: fine

2011-06-02 Thread Andy Levy
On Thu, Jun 2, 2011 at 16:47, alexus wrote: > ok, path based authentication how would I accomplish that? > > I'm using apache for svn, I'm not using svnserve > 90% of the time, the manual has the answers. This is one of those times. http://svnbook.red-bean.com/nightly/en/svn.serverconfig.pathbas

Re: fine

2011-06-02 Thread alexus
ok, path based authentication how would I accomplish that? I'm using apache for svn, I'm not using svnserve On Thu, Jun 2, 2011 at 4:17 PM, Bob Archer wrote: > >> is there a way to restrict users to commit only to a /branches vs > >> /trunk? > > > Two ways.. > > > > 1. Path based authenticati

RE: fine

2011-06-02 Thread Bob Archer
>> is there a way to restrict users to commit only to a /branches vs >> /trunk? > Two ways.. > > 1. Path based authentication... don't give them write access. of course I meant path based authorization here. I would like to the book here, but it doesn't seem to be coming up. > > 2. Pre-commit

RE: fine

2011-06-02 Thread Bob Archer
Two ways.. 1. Path based authentication... don't give them write access. 2. Pre-commit hook... have the hook not allow commits to /trunk (or course you will need a way around the hook.) BOb From: alexus [mailto:ale...@gmail.com] Sent: Thursday, June 02, 2011 3:06 PM To: users@subversion.apach

Re: Fine and secure dining, was Re: svnadmin create and not being method agnostic

2011-01-06 Thread Johan Corveleyn
On Thu, Jan 6, 2011 at 1:29 AM, Nico Kadel-Garcia wrote: > On Wed, Jan 5, 2011 at 2:19 PM, Les Mikesell wrote: > >> Of course you _can_ secure it.  My point is that permitting ssh and >> restricting access to ssh by itself is very likely to make your system less >> secure (if you count on firewal

Re: Fine and secure dining, was Re: svnadmin create and not being method agnostic

2011-01-05 Thread Nico Kadel-Garcia
On Wed, Jan 5, 2011 at 2:19 PM, Les Mikesell wrote: > Of course you _can_ secure it.  My point is that permitting ssh and > restricting access to ssh by itself is very likely to make your system less > secure (if you count on firewall protections) instead of more so. And > nothing that can be don

Re: Fine and secure dining, was Re: svnadmin create and not being method agnostic

2011-01-05 Thread Les Mikesell
On 1/5/2011 1:04 PM, David Brodbeck wrote: It's possible to do secure Subversion. Use svn+ssh access, disable or block other services at the firewall, If ssh is permitted and you didn't personally set it up, what are the odds that port tunneling or ssh's built i

Re: Fine and secure dining, was Re: svnadmin create and not being method agnostic

2011-01-05 Thread David Brodbeck
On Mon, Jan 3, 2011 at 8:46 AM, Les Mikesell wrote: > On 1/2/2011 9:43 PM, Nico Kadel-Garcia wrote: > >> >> It's possible to do secure Subversion. Use svn+ssh access, disable or >> block other services at the firewall, >> > > If ssh is permitted and you didn't personally set it up, what are the o

Re: Fine and secure dining, was Re: svnadmin create and not being method agnostic

2011-01-04 Thread Nico Kadel-Garcia
On Mon, Jan 3, 2011 at 11:46 AM, Les Mikesell wrote: > On 1/2/2011 9:43 PM, Nico Kadel-Garcia wrote: >> >> It's possible to do secure Subversion. Use svn+ssh access, disable or >> block other services at the firewall, > > If ssh is permitted and you didn't personally set it up, what are the odds >

Re: Fine and secure dining, was Re: svnadmin create and not being method agnostic

2011-01-03 Thread Les Mikesell
On 1/2/2011 9:43 PM, Nico Kadel-Garcia wrote: It's possible to do secure Subversion. Use svn+ssh access, disable or block other services at the firewall, If ssh is permitted and you didn't personally set it up, what are the odds that port tunneling or ssh's built in socks proxy will allow acc