> > As I understand it, none of the repository backends allow any per-user > > per-branch access control. SSH and HTTP come the closest with the right > > hooks, but since the repository is writeable by those users, there is > > little to stop them from changing the repository directly. > I wonder if it would be enought for SSH (and perhaps HTTP/WebDAV access) > just to rely on filesystem write access to refs/heads files (different > files having different access rights), and filesystem ACLs. It could probably be done, but it would be very complicated. For instance, if a user is allowed to run prune, then they must have permissions to delete files which would include any of the objects. For DAV, this breaks down completely because all access to the repository will happen as the Apache user. -- --Andre Masella (andre at masella.no-ip.org) - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html