Subversion / SVN-3121

SVNAllowBulkUpdates mod_dav_svn directive



    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.5.x
    • Fix Version/s: 1.6.0
    • Component/s: mod_dav_svn
    • Labels: None


      I've heard many times in recent weeks from enterprise-class consumers of
      Subversion who are bothered about the lack of file-level reporting.  Certainly
      Subversion's current mod_dav_svn operational logging leaves much to be desired
      for the security-concerned administrator who would like just a little more
      detail about what exact files were downloaded via Subversion than a one-liner
      "user foo did a checkout or export or update of /trunk", especially if they are
      employing path-based authorization.

      This isn't a problem for clients using ra_serf, which always asks for an update
      skelta and then fetches files with individual GET requests.  But while ra_neon
      used to behave this way, it no longer does by default, and you can't exactly
      force clients to use ra_serf in a way that isn't bypassable (User-agent
      spoofing, e.g.).

      So, how about a new mod_dav_svn directive that tells mod_dav_svn to flatly
      ignore requests for a send-all style update REPORT, and always reply with a
      skelta.  Ra_serf won't mind; ra_neon has fallback compatibility code that should
      be able to cope, too.  And administrators will get per-file GET request logging
      to ease the region of their minds that frets over security matters.
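
An added example, not part of the original issue or of Subversion's code: a small audit script showing what the per-file GET logging described above gives an administrator. It assumes Apache common-log-format lines and that files are fetched from URLs of the form `<repo>/!svn/ver/<rev>/<path>`; the sample log, users and paths are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed access-log lines; hosts, users, paths and sizes are made up.
SAMPLE_LOG = """\
10.0.0.5 - alice [12/Mar/2008:10:01:02 +0000] "REPORT /repos/!svn/vcc/default HTTP/1.1" 200 1432
10.0.0.5 - alice [12/Mar/2008:10:01:03 +0000] "GET /repos/!svn/ver/41/trunk/README HTTP/1.1" 200 512
10.0.0.5 - alice [12/Mar/2008:10:01:03 +0000] "GET /repos/!svn/ver/40/trunk/src/main%20loop.c HTTP/1.1" 200 2048
10.0.0.5 - alice [12/Mar/2008:10:01:04 +0000] "GET /repos/!svn/ver/41/trunk/secret/keys.txt HTTP/1.1" 403 210
10.0.0.9 - bob [12/Mar/2008:10:02:10 +0000] "REPORT /repos/!svn/vcc/default HTTP/1.1" 200 98211
"""

LINE = re.compile(r'^\S+ \S+ (\S+) \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+$')
# Assumed URL shape for per-file fetches: <repo root>/!svn/ver/<rev>/<path>
VER = re.compile(r'^.*/!svn/ver/(?P<rev>\d+)/(?P<path>.+)$')

def audit(log_text):
    """Return (fetched, denied, opaque) built from access-log text."""
    fetched, denied = defaultdict(list), defaultdict(list)
    reporters = set()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        user, method, url, status = m.groups()
        if method == "REPORT":
            reporters.add(user)
            continue
        v = VER.match(url)
        if method != "GET" or not v:
            continue
        entry = (int(v["rev"]), "/" + unquote(v["path"]))
        if status.startswith("2"):
            fetched[user].append(entry)
        elif status in ("401", "403"):
            denied[user].append(entry)
    # Heuristic: a REPORT with no per-file GETs leaves no file-level trail
    # (send-all response, or an update that changed no files).
    opaque = sorted(u for u in reporters if u not in fetched and u not in denied)
    return dict(fetched), dict(denied), opaque

if __name__ == "__main__":
    fetched, denied, opaque = audit(SAMPLE_LOG)
    print("fetched:", fetched)
    print("denied by authz:", denied)
    print("REPORT only, no file-level record:", opaque)
```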


        Attachment: 1_issue-3121-patch.txt (7 kB, C. Michael Pilato)

              Assignee: Unassigned
              Reporter: C. Michael Pilato (cmpilato)