On Sun, Aug 16, 2009 at 3:19 PM, Miklos Vajna<[email protected]> wrote: > On Fri, Aug 07, 2009 at 10:26:50PM +0200, Nicolas Pouillard > <[email protected]> wrote: >> > > You can use a custom restricted shell for these users. You could only >> > > allow to call "darcs apply". >> > >> > And then they commit a patch that contains a fork bomb with a 'darcs apply >> > -- >> > post-hook ./forkbomb --run-posthook' and you're still fried. >> >> Of course you have to carefully check the flags that are given to darcs >> apply. > > I think the problem is that you can push a setpref patch, then a simple > 'darcs apply' will fire you as well. > > That's why - because of the security problem, by design - for example > git does not allow you to push such 'setpref' patches at all.
Hum then maybe having an option to forbid this to darcs apply would help. -- Nicolas Pouillard _______________________________________________ darcs-users mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-users
