Re: How to identify the users?

2013-01-31 Thread Sitaram Chamarty
On 01/31/2013 12:23 PM, Scott Yan wrote:

 Sitaram:
 
 It seems I must host my central repo on Gitolite first...

There is no must but yes it is a decent solution and can, in
principle, do the kind of checking you want if you set it up to do that.
 Please note that I don't use that mode and, as my rant would have
indicated, I don't think it's a smart thing to do.

 I don't know Gitolite much, but you are right, maybe I should use
 Gitolite as my git server.
 I'll find more documents about gitolite these days,
 can you give me some suggestions on which tutorial I should read?  Thanks!
 ps: my OS is Windows.

Try
http://therightstuff.de/CommentView,guid,b969ea4d-8d2c-42af-9806-de3631f4df68.aspx

I normally don't mention blog posts (favouring instead the official
documentation) but Windows is an exception.  Hence the link.

Good luck.
--
To unsubscribe from this list: send the line unsubscribe git in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: How to identify the users?

2013-01-30 Thread Scott Yan
Thanks, Andrew.

you said:
--have the server reject commits that have the 'committer' set to
someone other than the authenticated user

but I don't know how to do that?
Our central repository is hosted by Apache, and there are some
usernames and passwords saved by Apache to authenticate valid users,
but as far as I know, there is no relation between the Apache username and
the git client user info (saved in .gitconfig), so can you describe
it in some detail?

Regards,
Scott Yan

On Thu, Jan 31, 2013 at 1:56 PM, Andrew Ardill andrew.ard...@gmail.com wrote:



 On 31 January 2013 16:52, Scott Yan scottya...@gmail.com wrote:

 The user info of the git client (user name and email) is set by the users
 themselves, so how can I avoid userA pretending to be userB?

 The Git server could authenticate the user, but it does nothing about the
 user info of the commit message.


 The simplest thing is to have the server reject commits that have the
 'committer' set to someone other than the authenticated user.

 Of course, there are potential workflows that this would cause problems for,
 such as if you sync directly to another user's repository and then try and
 push those to a central server.

 The most robust system would probably involve using signed tags to verify
 what is being pushed, however I am not aware of any set-ups that have done
 this yet.

 Regards,

 Andrew Ardill


Re: How to identify the users?

2013-01-30 Thread Tomas Carnecky
On Thu, 31 Jan 2013 13:52:32 +0800, Scott Yan scottya...@gmail.com wrote:
 Hello everyone:
 
 The user info of the git client (user name and email) is set by the users
 themselves, so how can I avoid userA pretending to be userB?
 
 The Git server could authenticate the user, but it does nothing about the
 user info of the commit message.
 
 For example:
 There are 20 people on my team, and everyone can push to the public
 repository (git server).
 If I found some backdoor code in my project, and the commit record
 shows it was committed by userA, I ask userA: why did you do this?
 But he tells me: no, this is not my code, I have never committed such
 a thing.  And yes, anyone could change their user info to userA very
 easily.
 
 So... what should I do to avoid such situations?

gitolite keeps a log of which SSH user pushed which commits. The smart-http
backend does the same if you have reflog enabled on the server (see the
ENVIRONMENT section in man git-http-backend). So unless someone can steal
userA's credentials (http password, ssh key) you'll be able to detect who it
really was.


Re: How to identify the users?

2013-01-30 Thread Andrew Ardill
(resending previous response. Forgot to turn off HTML, and apparently
gmail doesn't wrap lines automatically anymore?)

On 31 January 2013 16:52, Scott Yan scottya...@gmail.com wrote:

 The user info of the git client (user name and email) is set by the users
 themselves, so how can I avoid userA pretending to be userB?

 The Git server could authenticate the user, but it does nothing about the
 user info of the commit message.


The simplest thing is to have the server reject commits that have the
'committer' set to someone other than the authenticated user.

Of course, there are potential workflows that this would cause problems
for, such as if you sync directly to another user's repository and then try
and push those to a central server.

The most robust system would probably involve using signed tags to
verify what is being pushed, however I am not aware of any set-ups that
have done this yet.

Regards,

Andrew Ardill
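One way to implement the committer check Andrew describes, as an added example that is not part of this thread: a pre-receive hook in Python that reads the "old new refname" lines git hands it, lists the commits the push introduces, and rejects any whose committer e-mail (not author) is not registered to the server-side login. The login is taken from gitolite's GL_USER or git-http-backend's REMOTE_USER; the USER_EMAILS table and the e-mail addresses in it are constructed for illustration.

```python
"""pre-receive hook: reject pushed commits whose committer e-mail is not
registered to the authenticated (server-side) user."""
import os
import subprocess
import sys
ZERO_OID = "0" * 40
# Constructed sample mapping: server login -> committer e-mails that login may use.
USER_EMAILS = {
    "userA": {"usera@example.com"},
    "userB": {"userb@example.com", "b.alt@example.com"},
}

def authenticated_user(environ=None):
    """gitolite exports GL_USER; git-http-backend passes the CGI variable REMOTE_USER."""
    env = os.environ if environ is None else environ
    return env.get("GL_USER") or env.get("REMOTE_USER")

def parse_log(text):
    """Turn 'git log --format=%H %ce' output into (sha, committer_email) pairs."""
    return [tuple(line.split(" ", 1)) for line in text.splitlines() if line.strip()]

def check_commits(commits, user, user_emails=USER_EMAILS):
    """Return the (sha, email) pairs the authenticated user is not allowed to push."""
    allowed = {e.lower() for e in user_emails.get(user, set())}
    return [(sha, email) for sha, email in commits if email.lower() not in allowed]

def new_commits(new_sha):
    """In pre-receive the refs are not yet updated, so '--not --all' is exactly the new set."""
    out = subprocess.run(["git", "log", "--format=%H %ce", new_sha, "--not", "--all"],
                         capture_output=True, text=True, check=True).stdout
    return parse_log(out)

def main():
    user = authenticated_user()
    if not user:
        sys.stderr.write("pre-receive: no authenticated user in environment\n")
        return 1
    rejected = []
    for line in sys.stdin:  # one "old new refname" line per ref being updated
        _old, new, _ref = line.split()
        if new == ZERO_OID:  # ref deletion: nothing to inspect
            continue
        rejected += check_commits(new_commits(new), user)
    for sha, email in rejected:
        sys.stderr.write(f"rejected {sha[:12]}: committer {email} not registered to {user}\n")
    return 1 if rejected else 0

if __name__ == "__main__":
    sys.exit(main())
```

Commits fetched from another developer's repository and pushed on carry that developer's committer e-mail, so this hook rejects them exactly as Andrew's caveat predicts; allowing several e-mails per login only covers one person's own identities, not that workflow.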


Re: How to identify the users?

2013-01-30 Thread Scott Yan
Thanks to all.

Tomas:
I can't find the reflog setting in the git-http-backend
doc (http://www.kernel.org/pub/software/scm/git/docs/git-http-backend.html),
so I tried this setting:
git config core.logAllRefUpdates true

and after some test push, the output is as below:
git log -g master
commit d34e61baa28eabf46ba5e9f6a2feb24cc683ed39
Reflog: master@{0} (Scott Yan scottya...@gmail.com)
Reflog message: push
Author: Scott Yan scottya...@gmail.com
Date:   Thu Jan 31 14:19:30 2013 +0800

This log shows when it was pushed, but still can't tell who, because the
author info may be fake.
I don't know if I made some mistake.


Sitaram:

It seems I must host my central repo on Gitolite first...
I don't know Gitolite much, but you are right, maybe I should use
Gitolite as my git server.
I'll find more documents about gitolite these days,
can you give me some suggestions on which tutorial I should read?  Thanks!
ps: my OS is Windows.

Regards,
Scott Yan

On Thu, Jan 31, 2013 at 2:10 PM, Sitaram Chamarty sitar...@gmail.com wrote:
 On 01/31/2013 11:38 AM, Tomas Carnecky wrote:
 On Thu, 31 Jan 2013 13:52:32 +0800, Scott Yan scottya...@gmail.com wrote:
 Hello everyone:

 The user info of the git client (user name and email) is set by the users
 themselves, so how can I avoid userA pretending to be userB?

 The Git server could authenticate the user, but it does nothing about the
 user info of the commit message.

 For example:
 There are 20 people on my team, and everyone can push to the public
 repository (git server).
 If I found some backdoor code in my project, and the commit record
 shows it was committed by userA, I ask userA: why did you do this?
 But he tells me: no, this is not my code, I have never committed such
 a thing.  And yes, anyone could change their user info to userA very
 easily.

 So... what should I do to avoid such situations?

 gitolite keeps a log of which SSH user pushed which commits. The smart-http
 backend does the same if you have reflog enabled on the server (see the
 ENVIRONMENT section in man git-http-backend). So unless someone can steal
 userA's credentials (http password, ssh key) you'll be able to detect who it
 really was.

 See also my rant on this topic:

 https://github.com/sitaramc/gitolite/blob/master/src/VREF/EMAIL-CHECK#L37