hi, On Mon, Jan 26, 2009 at 11:11 PM, Thomas <[email protected]> wrote: > Today I thought about security of a private repository you are talking > about. How do you provide read-access to a private repository only for > the contributers? As far as I see, only write-access can be permitted > or forbidden, if a user knows the repository's name, he can clone > whatever he wants. This is only security through obscurity. Do you > have ideas how to improve control for read-access on private > repositories? Or do i miss something?
The way most people do it when they run a private install of Gitorious is to never actually set up the git-daemon, that way all push and pulling/cloning has to be done through ssh and thus relying on the pubkey and permissions (in gitorious) for the particular repository. > > Kind regards, > > Thomas Cheers, JS --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Gitorious" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/gitorious?hl=en -~----------~----~----~----~------~----~------~--~---
