Rene Scharfe <rene.scharfe@xxxxxxxxxxxxxx> writes: > Junio C Hamano schrieb: >> Franck Bui-Huu <vagabon.xyz@xxxxxxxxx> writes: >> >>> 1/ Allow 'git-upload-archive' command to enable/disable some >>> formats. This should be done by 'git-upload-archive'. >> >> Perhaps. I was thinking about the way how a site administrator can >> configure such when upload-archive is spawned via git-daemon (for >> users coming from ssh and spawn an upload-archive on their own, it's >> their own process and upload-archive has no business deciding what is >> allowed and what is forbidden). Not very many clean ways I can >> think of unfortunately. > > Mmpf, ssh is (one of the things) in my blind spot. Do you mean a > ssh+git-shell connection? One could argue that since this is a > restricted connection anyway upload-archive _has_ a right to restrict > archive format etc., too. On a full, unrestricted ssh connection one > can start git-archive directly. I'd do that anyway because I'm used to > do this with tar. ;-) Ah, I was not thinking about git-shell and it might want to be restrictive. > ... Mmh, maybe an environment variable > which is set by the daemon can be used? This is no dirtier than what > webservers do.. Exactly my thought, except "no dirtier" part I did not think through but now you said it I tend to agree. So site administrator can ask git-daemon to export some environment variable that git-upload-archive notices and restrict service. If we choose to we can add a similar facility to set the same environment variable to git-shell, so services to retricted ssh users can be limited the same way by the administrator. That sounds like a good plan; we do not have to do that for git-shell until somebody asks. - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html