On Sun, 2009-12-20 at 19:31 -0800, Jesse Keating wrote: > On Sun, 2009-12-20 at 10:28 +0100, Hans Ulrich Niedermann wrote: > > Currently, it appears that I can push arbitrarily named branches, at > > least if the package does not have per branch ACLs: > > > > Yes, that makes sense given the way the ACL system works, it just wasn't > fully expected by me. A small change to the ACL generation script will > make sure that this sort of loophole is closed. > This has been done. The way the ACLs now work, if you are a packager, you can create branches in any package that start with "private-". This makes it even easier to pass changes around as you can tell the maintainer to pull from or merge from a private branch you've created. Nobody should be able to create any branches that do not start with "private-". If we wanted to lock this down more, and only allow you to commit to a private- branch only if you already have write access to some other branch (F-12, master, EL-5, whatever) then I'll have to add more logic to the ACL generation tool. But for now, I like the freedom we have. We'll make sure that the buildsystem will not allow any official (non-scratch) builds to happen from a private-* branch. -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
