On 06/16/2010 07:28 PM, Nazri Ramliy wrote: > On Thu, Jun 17, 2010 at 12:09 AM, Aneurin Price <aneurin.price@xxxxxxxxx> wrote: >> How are they becoming root? If they are using sudo you could forbid >> running git as root. If they are using su or logging in directly maybe >> you can get away with some trivial thing like putting 'alias >> git=/bin/false' in /root/.bashrc - or some wrapper which does >> something helpful rather than silently fail :-). > > Thanks for dropping the hint on wrapper. > > I've implemented one that give the user a friendly reminder > that they are running git as root and ask whether to continue. When I needed this I wrote a hook that refused a commit by root unless the commit message said something to the effect of: Root commit performed by <person or script name>. It's not that I minded so much that root was doing commits, it's the anonymity that was the problem. So automated scripts that ran as root could perform commits too, they just had to include this note in the commit message so we knew which script was doing it. It was all the honor-system, but it did what we wanted and prevented committing as root by accident. --Pete -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html