I've been using git for a while and really like it, but I have a concern about security. As I understand it, none of the repository backends allow any per-user per-branch access control. SSH and HTTP come the closest with the right hooks, but since the repository is writeable by those users, there is little to stop them from changing the repository directly. If this is truly the case, I was thinking of creating something similar to SVN's Apache plugin to provide more sophisticated access control. I'm leaning toward the HTTP remote (transport? backend? What's the right term?) because Apache can do many kinds of authentication. I could also make the HTTP less dumb, if I had a better idea what that might involve. This could also be a way to solve the requests for remote repository creation I see in the survey. So, before I start, I would like to get ideas from others...or be told this is a waste of time. Thanks. -- --Andre Masella (andre at masella.no-ip.org) - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html