Re: dist-git proof of concept phase 2 ready for testing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 2009-12-20 at 19:31 -0800, Jesse Keating wrote:
> On Sun, 2009-12-20 at 10:28 +0100, Hans Ulrich Niedermann wrote:
> > Currently, it appears that I can push arbitrarily named branches, at
> > least if the package does not have per branch ACLs:
> > 
> 
> Yes, that makes sense given the way the ACL system works, it just wasn't
> fully expected by me.  A small change to the ACL generation script will
> make sure that this sort of loophole is closed.
> 

This has been done.  The way the ACLs now work, if you are a packager,
you can create branches in any package that start with "private-".  This
makes it even easier to pass changes around as you can tell the
maintainer to pull from or merge from a private branch you've created.

Nobody should be able to create any branches that do not start with
"private-".

If we wanted to lock this down more, and only allow you to commit to a
private- branch only if you already have write access to some other
branch (F-12, master, EL-5, whatever) then I'll have to add more logic
to the ACL generation tool.  But for now, I like the freedom we have.

We'll make sure that the buildsystem will not allow any official
(non-scratch) builds to happen from a private-* branch.


-- 
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating

Attachment: signature.asc
Description: This is a digitally signed message part

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux