On Thu, 7 Jul 2005, Eric W. Biederman wrote:
> For optimizing network bandwidth that sounds like the way to go.  For
> adhoc development I don't know.  For a central sever you still need
> an authenticated way to push content, which makes it another dimension
> of the problem.

I'm convinced that "ssh" is the only sane way for pushing. If you don't 
trust somebody enough to give him ssh access, you shouldn't trust him with 
write access to your project in the first place.

git can actually do ssh with a _very_ restricted shell, if people are 
worried about shell access. In fact, the _only_ think the shell needs to 
be able to do is execute one of two programs, so you could have something 
_really_ trivial in your /etc/passwd as the login shell that doesn't allow 
anything else. But you'd still use ssh as the authentication protocol.

So I don't worry about pushing. I think we've got that covered. It's 
really the anonymous pulling that needs something.

To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to