Hi, On Tue, 23 Jan 2007, Andre Masella wrote: > > > As I understand it, none of the repository backends allow any > > > per-user per-branch access control. SSH and HTTP come the closest > > > with the right hooks, but since the repository is writeable by those > > > users, there is little to stop them from changing the repository > > > directly. > > > > I wonder if it would be enought for SSH (and perhaps HTTP/WebDAV > > access) just to rely on filesystem write access to refs/heads files > > (different files having different access rights), and filesystem ACLs. > > It could probably be done, but it would be very complicated. For > instance, if a user is allowed to run prune, then they must have > permissions to delete files which would include any of the objects. > > For DAV, this breaks down completely because all access to the > repository will happen as the Apache user. I read this, and I can't help myself thinking: This would be such a non-issue if you had one _repository_ per-user. If they take too much space, set them up with "git clone --reference=<official-central>", so you automatically use alternates. You would not hit the problem where two developers want to push onto the same branchname, too. Ciao, Dscho - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html