On Wed, Jan 14, 2009 at 11:48:38AM +0100, Jan Engelhardt wrote:
> This is much shorter than inet_ntop'ing, and also translated
> unresolvable addresses into a string.
Er, doesn't this totally change the meaning of REMOTE_ADDR from an IP
address to a hostname? That seems bad because:
- people already have hooks that compare REMOTE_ADDR against an
address, so we are breaking their hooks
- we are losing IP information in favor of hostname information; since
(I assume) this is primarily intended for IP-based access control,
we are adding an extra layer of indirection in the middle of our
security model (i.e., I used to have to spoof an IP to fool your
hook, but now I can do that _or_ spoof DNS).
So at the very least, you should be adding REMOTE_HOST in _addition_ to
REMOTE_ADDR, not instead of. But that still leaves one final concern,
which is that some git-daemon admins might not want to pay the cost for
a reverse lookup for every request. It's extra network traffic, and adds
extra latency to the process (but I don't personally run git-daemon, and
I don't know whether big sites like kernel.org actually care about
this).
-Peff
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
