The WC operations that alter stuff in .svn should be isolated at the code level. It isn't enough to have a human-level policy on what needs to be loggy and what cannot. At some point, a human will miss the policy and create a bug that leaves the WC admin area in an inconsistent state. Specifically, we should have a "open admin area" function that locks the directory, and returns a baton. That baton is then needed to perform modifications, or even to (say) return a pathname to a text-base (preventing a person from modifying the text-base without the lock and its baton). Note that we can also read and cache the entries in the baton, then write them out when the baton is closed (and the log is run and the lock removed), thus optimizing the whole multiple read/write of the entries that we're doing now.