Project

General

Profile

Actions

Defect #6311

closed

Subversion : anonymous access rights unexpected behavior

Added by Julien Polo over 13 years ago. Updated over 13 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
SCM
Target version:
-
Start date:
2010-09-06
Due date:
% Done:

0%

Estimated time:
Resolution:
Affected version:

Description

(Ubuntu 10.04 install)
Redmine: 0.9.3
Postgresql 8.4
Ruby 1.8.7
Subversion 1.6.6

It may not be a bug but it still remains an "unexpected behavior". In project configuration, if "public" attribute is checked it bypasses the svn access rights set in the "Role and permission" section for (anonymous users).
That means that if you set (anonymous users) not to have rights to browse repository and if you check the public setting, they will still have rights to checkout the project anonymously.

As a redmine administrator in a company, a wrong configuration making the code public could be a really big mistake. As a consequences, I would suggest not to use this "public" project attribute for redmine/Svn but just use the regular Role & Permissions section.

Actions #1

Updated by Felix Schäfer over 13 years ago

  • Status changed from New to Closed

IIRC this has been solved in r3831 and is in 1.0.

Actions

Also available in: Atom PDF