[git-users] User Restrictions....
Is it possible to allow commit, or patch apply, permissions for a user, but only if they aren't the ones that made the modification? For instance, if someone submits a patch to the user, the user will be able to apply the patch; however, if the user creates a patch, the user shouldn't have the ability to apply the patch. Is this possible with GIT? -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To post to this group, send email to git-us...@googlegroups.com. To unsubscribe from this group, send email to git-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/git-users?hl=en.
Re: [git-users] User Restrictions....
On Thu, Jan 21, 2010 at 11:23:13AM -0800, Jeffda wrote: > Is it possible to allow commit, or patch apply, permissions for a > user, but only if they aren't the ones that made the modification? For > instance, if someone submits a patch to the user, the user will be > able to apply the patch; however, if the user creates a patch, the > user shouldn't have the ability to apply the patch. Is this possible > with GIT? If a user has local copy of the data, he can freely modify the data and you can't do anything about it; at worst they would just open the file in a text editor and reproduce the changed made in the patch manually. At most you could do some complex obfuscation scheme that will self-checksum the source during build or something, but nothing you could do is going to be incircemventable. -- Petr "Pasky" Baudis A lot of people have my books on their bookshelves. That's the problem, they need to read them. -- Don Knuth -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To post to this group, send email to git-us...@googlegroups.com. To unsubscribe from this group, send email to git-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/git-users?hl=en.
[git-users] Re: User Restrictions....
On Jan 21, 10:23 pm, Jeffda wrote: > Is it possible to allow commit, or patch apply, permissions for a > user, but only if they aren't the ones that made the modification? For > instance, if someone submits a patch to the user, the user will be > able to apply the patch; however, if the user creates a patch, the > user shouldn't have the ability to apply the patch. Is this possible > with GIT? I have no idea about why you would need such a puzzling requiement for your setup, but it seems the way to go (wich will work only if your users are below certain level of incompetence) is to create your own wrapper on top of Git (or even a GUI tool) which would: a) allow only a limited subset of operations; b) check input data for them. Note that while working with such a wrapper, the user should not ever notice it is dealing with Git; otherwise inventing such contraptions is futile. -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To post to this group, send email to git-us...@googlegroups.com. To unsubscribe from this group, send email to git-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/git-users?hl=en.
Re: [git-users] User Restrictions....
On Thu, Jan 21, 2010 at 11:23, Jeffda wrote: > Is it possible to allow commit, or patch apply, permissions for a > user, but only if they aren't the ones that made the modification? For > instance, if someone submits a patch to the user, the user will be > able to apply the patch; however, if the user creates a patch, the > user shouldn't have the ability to apply the patch. Is this possible > with GIT? > You could have some hooks setup on a central repository to check that the author and committer are always different, and reject the push, if they're not. However, there is nothing to prevent the user from lying about the author & committer name/email/date information, when they make the commit. -Jacob -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To post to this group, send email to git-us...@googlegroups.com. To unsubscribe from this group, send email to git-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/git-users?hl=en.
[git-users] Re: User Restrictions....
Thanks for the replies/ideas. I think I'll stick with your idea, Jacob, unless someone has an even more secure solution that's simpler than creating a wrapper. Creating a wrapper is a good idea, I just don't know how to, and I don't have time to figure out how to create one. Thanks again. -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To post to this group, send email to git-us...@googlegroups.com. To unsubscribe from this group, send email to git-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/git-users?hl=en.
[git-users] Re: User Restrictions....
You might want to do this in the form of requiring signed-off-by lines. That'd be a relatively easy thing to check for in an update hook; sure, they're a little easier to fake than authorship information, but they permanently record the information. On Jan 21, 5:14 pm, Jeffda wrote: > Thanks for the replies/ideas. I think I'll stick with your idea, > Jacob, unless someone has an even more secure solution that's simpler > than creating a wrapper. Creating a wrapper is a good idea, I just > don't know how to, and I don't have time to figure out how to create > one. > > Thanks again. -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To post to this group, send email to git-us...@googlegroups.com. To unsubscribe from this group, send email to git-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/git-users?hl=en.