Tommi Virtanen wrote:
>Summary: I fully expect gitosis to be more secure than a manually
>maintained git-shell over SSH setup, mostly because it can make
>human errors more rare.
I installed gitosis a year ago.
Then I tried to audit the code.
I couldn't, the whole thing is too much spaghetti code.
I.e. the individual python routines might be well written, but there
is no concise overview in 10 lines max which can explain to me what
happens which might or might not open up security holes. There are too
many pieces of code depending on each other.
I.e. if you trust the author not to have made any mistakes, then it
is probably secure.
Auditing gitosis turned out to be too painful to be worth the trouble,
so I reverted to a manually maintained git-shell solution which is so
simple that I can actually audit it, and therefore is provably secure
(which gitosis is not).
--
Sincerely,
Stephen R. van den Berg.
Humor in the Court: Q: What happened then? A: He told me, he says,
"I have to kill you because you can identify me." Q: Did he kill you? A: No.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
