I don't use darcs hooks and only understand what I have read about them skimming the manual.
But my understanding is that you can pretty much get darcs to execute arbitrary commands using prehook and posthook functionality. Since patch-tag is world accessible, clearly this is not a good thing :) Things are already locked down pretty tight for darcs over ssh by using a chroot jail but I thought I would ask the community if they could suggest best practices for how patch-tag could deal with darcs hooks in the safest and nicest possible way. For example, is there a way to disable hooks entirely, and if so would that be the right thing to do? Is there an argument that certain types of hook actions should be allowed/encouraged and would be beneficial to the patch-tag community? Thank -- Thomas Hartman Need somewhere to host your code? patch-tag.com Want to build a webapp? happstack.com _______________________________________________ darcs-users mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-users
