On Sat, May 5, 2012 at 8:59 AM, Neal Kreitzinger <nkreitzinger@xxxxxxxxx> wrote:
> On 5/4/2012 8:48 PM, Neal Kreitzinger wrote:
>>
>> I work on systems where 'everyone' has the root password (that problem
>> is somewhat out of my hands). Is there a technique to setup git so that
>> only a certain non-root superuser (ie, gittech) is allowed to run git
>> commands? I don't want people logged in as root to mess up the git repos.
move /usr/bin/git to some other name and replace it with this shell script:
#!/bin/bash
# scary message
echo 'running: rm -rf /'
# lots of disk activity
find / >/dev/null 2>&1
Jokes apart, even though you said it is out of your hands, you
actually have a very serious problem. There are no shortcuts to that
one until you get burnt.
Meanwhile, you could add 'update' as well as 'pre-commit' hooks (and
possibly several others; check 'man githooks') using code that checks
the effective userid and aborts if it is root.
("aborts" in a hook generally means the eqvt of "exit 1" but again,
please check "man githooks" for details).
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html