Re: [PATCH] push: deny policy to prevent pushes to unwanted remotes.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Lars, thanks for your reply. 
> 
> 
> > On 30 May 2016, at 06:45, Antoine Queru
> > <antoine.queru@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
> > 
> > Currently, a user wanting to prevent accidental pushes to the wrong remote
> > has to create a pre-push hook.
> > The feature offers a configuration to allow users to prevent accidental
> > pushes
> > to the wrong remote. The user may define a list of whitelisted remotes, a
> > list
> > of blacklisted remotes and a default policy ("allow" or "deny"). A push
> > is denied if the remote is explicitely blacklisted or if it isn't
> > whitelisted and the default policy is "deny".
> > 
> > This feature is intended as a safety net more than a real security, the
> > user
> > will always be able to modify the config if he wants to. It is here for him
> > to
> > consciously restrict his push possibilities. For example, it may be useful
> > for an unexperimented user fearing to push to the wrong remote, or for
> > companies wanting to avoid unintentionnal leaking of private code on public
> > repositories.
> 
> Thanks for working on this feature. Unfortunately I won't be able to test and
> review it before June 14. I am traveling without laptop and only very
> sporadic internet access :)
> 
> One thing that I noticed already: I think a custom warning/error message for
> rejected pushes would be important because, as you wrote above, this feature
> does not provide real security. That means if a push is rejected for someone
> in an organization then the user needs to understand what is going on. E.g.
> in my organization I would point the user to the open source contribution
> guidelines etc.
> 
> Thanks,
> Lars

I might not understand what you've said, but I think this feature is already 
implemented in our version, with remote.pushDenyMessage. Is this what you're
talking about ?
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]