Branko Čibej created SVN-4794:
---------------------------------
Summary: Duplicate ACEs are merged but should be rejected
Key: SVN-4794
URL: https://issues.apache.org/jira/browse/SVN-4794
Project: Subversion
Issue Type: Bug
Components: svnauthz, libsvn_repos
Affects Versions: trunk, 1.10.x, 1.11.x
Reporter: Branko Čibej
Attachments: authz-entry-collision.patch
In the authz semantics up to 1.9, a duplicate access entry for the same rule
would replace a previous such entry:
{noformat}
[/]
user = rw
user = r
{noformat}
This was valid, and the second entry replaced the first, giving _user_
read-only access.
In 1.10+, these entries are silently merged, giving _user_ rear/write access.
This is clearly bad because it can *silently* change the meaning of access
rules.
*Proposal:* duplicate authz rules should be rejected, i.e., the example above
should become an error. Whilst this will break some existing pre-1.10 authz
files, it will not silently change their meaning. Besides, duplicate entries
are most likely either an error or the result of duplicate rules, which are
also forbidden in 1.10+.
The attached patch implements this proposal. Examples:
{noformat}
$ cat authz.conf
[/]
user = rw
user = r
$ svnauthz validate authz.conf
svnauthz: E220003: Error while parsing authz file: 'authz.conf':
svnauthz: E220003: Duplicate access entry 'user' in rule [/]
{noformat}
{noformat}
$ cat authz.conf
[/]
$authenticated = rw
~$anonymous = r
$ svnauthz validate authz.conf
svnauthz: E220003: Error while parsing authz file: 'authz.conf':
svnauthz: E220003: Duplicate access entry '~$anonymous' (matches
'$authenticated') in rule [/]
{noformat}
{noformat}
$ cat authz.conf
[aliases]
resu = user
[/]
~&resu = rw
~user = r
$ svnauthz validate authz.conf
svnauthz: E220003: Error while parsing authz file: 'authz.conf':
svnauthz: E220003: Duplicate access entry '~&resu' (matches '~user') in rule [/]
{noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
