2010/1/15 Ilari Liusvaara <ilari.liusvaara@xxxxxxxxxxx>: > On Fri, Jan 15, 2010 at 11:42:19AM +0530, Arun Raghavan wrote: >> >> Another thought - would it be acceptable to have a config option to >> enable/disable these types of hooks, so that people who are not >> affected by the problem or explicitly don't care can use them? Perhaps >> a core.allowInsecureHooks ? > > That enable/disable would have to ignore per-repo configuration, which > would make it behave differently from other options. Otherwise attacker > could just flip the setting... Alternatively, this could just be a build-time switch. -- Arun Raghavan http://arunraghavan.net/ (Ford_Prefect | Gentoo) & (arunsr | GNOME) -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html