Hi Thomas, you are right, anyone who knows the name of the repository can clone it etc. I suppose what Johan suggests will work in a private installation situation, but not if you want to have a real mix of public and private. I think in that case the git-daemon must be running, so the problem is securing the private projects.
I have a couple of early ideas on making that possible, but haven't had much time to work on it lately. It's the next item in my to-do list. If anyone has any ideas or advice to offer, please do! Peter On Jan 27, 9:11 am, Thomas <[email protected]> wrote: > Hi there, > > until now I've not been a contributer in the gitorious group yet, but > I like the discussions and I like gitorious much more. Hopefully we > can switch at our company to git (and gitorious as frontend) really > soon! You've done a great job so far. > > Today I thought about security of a private repository you are talking > about. How do you provide read-access to a private repository only for > the contributers? As far as I see, only write-access can be permitted > or forbidden, if a user knows the repository's name, he can clone > whatever he wants. This is only security through obscurity. Do you > have ideas how to improve control for read-access on private > repositories? Or do i miss something? > > Kind regards, > > Thomas --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Gitorious" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/gitorious?hl=en -~----------~----~----~----~------~----~------~--~---
