On Thu, Jul 14, 2016 at 11:41 AM, Jeff King <peff@xxxxxxxx> wrote: > On Thu, Jul 14, 2016 at 10:39:16AM -0700, Stefan Beller wrote: > >> Jeff wrote: >> > Junio wrote: >> >> I think those extra knobs can come later. If we are not going to >> >> limit with max_options in the end, however, wouldn't it be more >> >> natural for the initial iteration without any configuration not to >> >> have hard-coded max_options at all? >> > >> > Yeah, I am OK with adding restrictive knobs later as a separate topic. >> > As Stefan notes, upstream does not have the other knobs anyway, and IIRC >> > the push-options feature is not even enabled by default. >> >> * now it actually is not a default. ;) > > Hmm. So that is a downside for people who have implemented separate DoS > protection only in that upgrading git will open a new "hole" that they > need to plug. But that is their problem, not upstream git's. > > -Peff But this is not specific to DoS protection, but like most features. Just look at the vendors using linux that think carrying patches out of tree for their special snowflake hardware is cheaper than getting it upstream.... (This is not to be read as a snarky comment, but rather as a pointer to the similarity of the mechanisms involved). Although I cannot tell offhand another feature that would easily break downstream customization. Stefan -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html