On Thu, Oct 18, 2012 at 2:06 PM, Thomas Åkesson <tho...@akesson.cc> wrote: > There was a discussion in April 2010 regarding the "fix" for issue 2753. > http://svn.haxx.se/dev/archive-2010-04/0277.shtml > [...]
> > During the 2010 discussion Mike suggested something that we (Simonsoft) > would be very happy to see implemented: > > In a perfect world, I would expect that requests to the parent directory > would not be authz-denied, but that each repository in the listing of > repositories would be authz-checked against the authz configuration. In > other words, say I have a parent-path with three repositories: calc, watch, > lamp. And say I have an authz file like so: > > [lamp:/] > * = > > I would expect that a request to the parent directory would yield a listing > that included the 'calc' and 'watch' repositories, but not the 'lamp' one. > > Hi Thomas, I'm working on the patch to list only readable repositories. There is already TODO comment in the code by cmpilato: subversion\mod_dav_svn\repos.c:3461 [[[ /* ### TODO: We could test for readability of the root directory of each repository and hide those that the user can't see. */ ]]] -- Ivan Zhakov