On Mon, Aug 17, 2009 at 11:04 AM, Grant Husbands <[email protected]>wrote:
> Miklos Vajna wrote: > > I think the problem is that you can push a setpref patch, then a simple > > 'darcs apply' will fire you as well. > > This sounds like quite a risk, indeed. I wonder whether we could > disable the security-risk patches by default, in future Darcs > versions. In the past darcs has always been developed with the conceptual model that anyone who can push to your repository is trusted. In other words, security is handled at a layer external to darcs. Changing that assumption would take careful planning and consensus. Not impossible, but not simple either :) Jason
_______________________________________________ darcs-users mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-users
