Repository Security

view
thread

Score:

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Andre Masella <andre@...>

To: <git@...>

Subject: Repository Security

Date: Monday, January 22, 2007 - 3:33 pm

I've been using git for a while and really like it, but I have a concern about 
security.

As I understand it, none of the repository backends allow any per-user 
per-branch access control. SSH and HTTP come the closest with the right 
hooks, but since the repository is writeable by those users, there is little 
to stop them from changing the repository directly.

If this is truly the case, I was thinking of creating something similar to 
SVN's Apache plugin to provide more sophisticated access control. I'm leaning 
toward the HTTP remote (transport? backend? What's the right term?) because 
Apache can do many kinds of authentication. I could also make the HTTP less 
dumb, if I had a better idea what that might involve. This could also be a 
way to solve the requests for remote repository creation I see in the survey.

So, before I start, I would like to get ideas from others...or be told this is 
a waste of time. Thanks.
-- 
--Andre Masella (andre at masella.no-ip.org)
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Repository Security, Andre Masella, (Mon Jan 22, 3:33 pm)

Re: Repository Security, Johannes Schindelin, (Tue Jan 23, 5:41 am)

Re: Repository Security, Andre Masella, (Tue Jan 23, 9:23 am)

Re: Repository Security, Andy Parkins, (Tue Jan 23, 11:00 am)

Re: Repository Security, Johannes Schindelin, (Tue Jan 23, 10:29 am)

Re: Repository Security, Martin Langhoff, (Mon Jan 22, 7:46 pm)

Re: Repository Security, Shawn O. Pearce, (Mon Jan 22, 4:53 pm)

Re: Repository Security, Andre Masella, (Tue Jan 23, 9:23 am)

Navigation

Mail archive search

Popular discussions


linux-kernel:
Ryan Hope	reiser4 for 2.6.27-rc1
hooanon05	[PATCH 63/67] aufs mount helper
Rafael J. Wysocki	2.6.26-rc9-git12: Reported regressions from 2.6.25
Peter Zijlstra	Re: [ANNOUNCE] mdb: Merkey's Linux Kernel Debugger 2.6.27-rc4 released
git:
Ken Pratt	pack operation is thrashing my server
しらいしななこ	[PATCH] Update Japanese translation
Christian Couder	[PATCH] Documentation: help: explain 'man.viewer' multiple values
Dennis Schridde	Odd number of elements in anonymous hash
openbsd-misc:
GVG GVG	ssh_exchange_identification: Connection closed by remote host
Chris	avoid logging useless ssh brute force attempts
Ray Percival	Re: Real men don't attack straw men
Marius ROMAN	1440x900 resolution problem
linux-activists:
Jim Winstead Jr.	Re: Root Disk/Book Disk Compatibility
Doug Evans	Re: Stabilizing Linux
Stephen Pierce	SLS
Mark Evans	Re: Possible bug in TCP/IP stuff of kernel (0.99p5 on up).

Latest forum posts


trouble with my Asus Mainboard	3 hours ago	Linux kernel
what is "callback function"?.can anyone explain me please..	23 hours ago	Linux general
unable to remove block device driver module	1 day ago	Linux kernel
Is there anything like Real-time drivers?	2 days ago	Linux general
I can't allocate more than 4 MB with pci_alloc_consistent	2 days ago	Linux kernel
Resetting the bios password for Toshiba Laptop	2 days ago	Hardware
Kernel panic while installing fedora core 5 or ubuntu	3 days ago	Hardware
Interactive Linux kernel map	3 days ago	Linux kernel
unable to add a variable in buffer_head struct	3 days ago	Linux kernel
Linux Input driver - setting scaling/resolution on USB mouse	4 days ago	Linux kernel

Show all forums...

Colocation donated by:

Online users

Syndicate