On Sun, Apr 24, 2016 at 1:20 PM, Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx> wrote: > Any ACL you implement via an 'update' hook isn't actual access control > if the user has login access to the machine running git, because they > can trivially just built their own git version which doesn't run the > hook. > > Change the documentation to take this dangerous edge case into account, > and remove the mention of the advice originating on the mailing list, > the users reading this don't care where the idea came up. > > Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx> > --- > Documentation/githooks.txt | 10 +++++++--- > 1 file changed, 7 insertions(+), 3 deletions(-) > > diff --git a/Documentation/githooks.txt b/Documentation/githooks.txt > index 2f3caf7..e9d169e 100644 > --- a/Documentation/githooks.txt > +++ b/Documentation/githooks.txt > @@ -275,9 +275,13 @@ does not know the entire set of branches, so it would end up > firing one e-mail per ref when used naively, though. The > <<post-receive,'post-receive'>> hook is more suited to that. > > -Another use suggested on the mailing list is to use this hook to > -implement access control which is finer grained than the one > -based on filesystem group. > +Another use for this hook to implement access control which is finer > +grained than the one based on filesystem group. Note that if the user > +pushing has a normal login shell on the machine receiving the push > +implementing access control like this can be trivially bypassed by > +just using not executing the hook. In those cases consider using "by just using not executing the hook." This grammar doesn't make sense. It doesn't quite match what you said in the commit message either. > +e.g. linkgit:git-shell[1] as the login shell to restrict the user's > +access. > > Both standard output and standard error output are forwarded to > 'git send-pack' on the other end, so you can simply `echo` messages > -- > 2.1.3 > > -- > To unsubscribe from this list: send the line "unsubscribe git" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html