On 11/03, Jeff King wrote:
> On Thu, Nov 03, 2016 at 10:51:31AM -0700, Brandon Williams wrote:
>
> > > > I don't know if I'm sold on a 'user' state just yet, perhaps that's just
> > > > because I view a whitelist or blacklist as well black and white and
> > > > having this user state adds in a gray area.
> > >
> > > Well the "user" state is to differentiate between the
> > > * "I consciously typed `git clone ...` (and e.g. I know what happens as
> > >   I know the server admin and they are trustworthy.)
> > > * a repository contains a possible hostile .gitmodules file such
> > >   that I am not aware of the network connection.
> >
> > This is still a gray area to me. I think that if we have a whitelist of
> > protocols then it should be a true whitelist and not have some means of
> > going around it. It just seems like something that could be exploited.
>
> How do you implement:
>
>   git clone --recursive trusted:foo.git
>
> and use your ssh keys for the "trusted" server, but not for any servers
> mentioned in .gitmodules?
>
> You need some way of distinguishing between the two contexts (and
> setting policy for each).
>
> -Peff

Interesting. Ok I can see how this would be useful now. Thanks for the
example :)

--
Brandon Williams