trac.versioncontrol.admin component should be optional
|Reported by:||Owned by:||Remy Blank|
In 0.12 the RepositoryAdmin page allows configuring repository access through the web. For systems with multiple user groups who are trusted for their own projects but not for others, there's a potential security issue, as they could add the foreign repositories to their Trac through the admin page and thus read them.
Disabling trac.versioncontrol.admin.* in trac.ini is not possible because the component is required by e.g. the resync operation. rblank suggested that the component should be moved to a different one, making it independent of other functionality.
In general, it would be a great addition if the component could be implemented in a way that makes it usable for a setup as described above, e.g. by adding a configuration option for setting a parent path in the trac.ini which is common to the repositories set up via the web. E.g. if the allowed repositories are at /var/svn/myprojects, this could be set in trac.ini so that repositories with other parent paths can't be made visible. That way group1 could have their projects at /var/svn/myprojects1 and configure them using RepositoryAdmin while they can't access /var/svn/myprojects2. Of course, this option may not be editable on the Admin pages.
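A sketch of the parent-path restriction proposed above, added here as an illustration; it is not code from Trac or from the ticket. The function name and the `allowed_parent` setting are hypothetical, and the directory tree is constructed in a temporary folder.

```python
import os
import tempfile


def is_allowed_repository(repo_dir, allowed_parent):
    """Return True only if repo_dir resolves to a location below allowed_parent.

    allowed_parent stands for a hypothetical trac.ini-only setting; it is
    not an existing Trac option.
    """
    # Resolve symlinks and ".." first, so the comparison is made on the
    # location the repository backend would actually open.
    parent = os.path.realpath(allowed_parent)
    target = os.path.realpath(repo_dir)
    if target == parent:
        return False  # the parent directory itself is not a repository
    try:
        # Compare whole path components, not string prefixes:
        # "/var/svn/myprojects1" starts with "/var/svn/myprojects"
        # as a string but is not located below it.
        return os.path.commonpath([parent, target]) == parent
    except ValueError:
        # Raised e.g. for paths on different drives on Windows.
        return False


def demo():
    """Build a constructed directory tree and check sample submissions."""
    with tempfile.TemporaryDirectory() as root:
        group1 = os.path.join(root, "myprojects1")
        group2 = os.path.join(root, "myprojects2")
        os.makedirs(os.path.join(group1, "repo_a"))
        os.makedirs(os.path.join(group2, "repo_b"))
        # Symlink inside group1's tree pointing at group2's repository.
        link = os.path.join(group1, "link_to_b")
        os.symlink(os.path.join(group2, "repo_b"), link)
        candidates = {
            "own repo": os.path.join(group1, "repo_a"),
            "foreign repo": os.path.join(group2, "repo_b"),
            "dot-dot": os.path.join(group1, "..", "myprojects2", "repo_b"),
            "symlink": link,
            "sibling prefix": os.path.join(root, "myprojects1-old"),
        }
        return {name: is_allowed_repository(path, group1)
                for name, path in candidates.items()}


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:15} allowed={allowed}")
```

A check like this only holds at the moment it runs; because a symlink can be changed afterwards, it would have to be applied again when the repository is opened, not only when the admin form is submitted.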
Change History (13)
follow-up: 4 comment:1 by , 10 years ago
|Component:||general → version control|
|Priority:||normal → high|