On Wed, Aug 29, 2007 at 06:20:05AM CEST, Shawn O. Pearce wrote:
> Johannes Schindelin <Johannes.Schindelin@xxxxxx> wrote:
> > On Tue, 28 Aug 2007, Theodore Tso wrote:
> > > On Tue, Aug 28, 2007 at 12:10:59AM -0400, Shawn O. Pearce wrote:
> > > > At day-job I have a hard rule that you cannot even push into an A, let
> > > > alone rewind a branch in it or delete a branch from it.
> > >
> > > Why don't you even allow people to push into A? That should be safe....
> >
> > Nope:
> >
> > for b in $(git ls-remote /that/other/repo | sed "s/^[^ ]* //")
> > do
> > git push /that/other/repo :$b
> > done
>
> Well, at day-job I use contrib/hooks/update-paranoid to deny all
> push access into my A's (/that/other/repo). But that could just
> as easily be configured to allow branch creation and branch update
> (fast-forward) but no rewind or delete.
>
> When I symlink A's refs into B I also don't allow B to update,
> create, rewind or delete the symlinked refs via push. This way
> you can't do something weird to A like upload new objects into B's
> ODB but then change A's refs to point to objects that A's own ODB
> doesn't have.
>
> Hmm, I wonder of Pasky handles that correctly on repo.or.cz...
I don't handle it at all, but if you don't have permissions to modify A
you simply won't be able to do anything weird to A. If you have the
permissions, I'm still not sure if Git will keep symlinked refs over
ref updates; if so, hey, you had the permissions for A and it's your
reponsibility if you screw up.
--
Petr "Pasky" Baudis
Early to rise and early to bed makes a male healthy and wealthy and dead.
-- James Thurber
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
