From: Tomas Carnecky <tomas.carnecky@gmail.com>
To: Scott Yan <scottyan19@gmail.com>, git@vger.kernel.org
Subject: Re: How to identify the users?
Date: Thu, 31 Jan 2013 06:08:01 +0000
Message-ID: <1359612481-ner-5936@calvin>
In-Reply-To: <CACkbei+Jby13B7rsEb3iLQM2ZSFDgrkgvrYC5M7u4yatppvLxA@mail.gmail.com>

On Thu, 31 Jan 2013 13:52:32 +0800, Scott Yan <scottyan19@gmail.com> wrote:
> Hello everyone:
>
> The user info of the git client (user name and email) is set by the users
> themselves, so, how to avoid userA pretending to be userB?
>
> The Git server could authenticate the user, but it does nothing about the
> user info of the commit message.
>
> For example:
> There are 20 people on my team, and everyone can push to the public
> repository (git server).
> If I found some backdoor code in my project, and the commit record
> shows it was committed by userA, so I ask userA: why did you do this?
> But he told me: no, this is not my code, I have never committed such a
> thing. And yes, everyone could change his user info to userA very
> easily.
>
> So... what should I do to avoid such situations?

gitolite keeps a log of which SSH user pushed which commits. The smart-http
backend does the same if you have reflog enabled on the server (see the
ENVIRONMENT section in man git-http-backend). So unless someone can steal
userA's credentials (http password, ssh key) you'll be able to detect who it
really was.
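
An added example, not part of the original message: Python code that reads a server-side reflog of the kind git-http-backend writes (committer name set to REMOTE_USER, email to REMOTE_USER@http.REMOTE_ADDR, per the ENVIRONMENT section of its man page) and flags pushes whose new tip commit claims an author the authenticated pusher does not own. The sample reflog lines, addresses, commit ids and the user-to-email mapping are constructed, and the function names are hypothetical.

```python
import re

# One reflog line: "<old> <new> <name> <email> <unix-time> <tz>\t<message>"
REFLOG_RE = re.compile(
    r"^(?P<old>[0-9a-f]{40}) (?P<new>[0-9a-f]{40}) "
    r"(?P<name>.*) <(?P<email>[^>]*)> (?P<ts>\d+) (?P<tz>[+-]\d{4})\t(?P<msg>.*)$"
)

def parse_reflog(text):
    """Yield one dict per well-formed reflog line; skip anything else."""
    for line in text.splitlines():
        m = REFLOG_RE.match(line)
        if m:
            yield m.groupdict()

def pusher_of(entry):
    """Return (user, addr) for an entry written by git-http-backend.

    Entries that do not follow the "user@http.addr" pattern give addr = None.
    """
    user, sep, addr = entry["email"].partition("@http.")
    if sep and user == entry["name"]:
        return user, addr
    return entry["name"], None

def audit(reflog_text, tip_authors, identities):
    """List pushes whose new tip is authored by someone other than the pusher.

    tip_authors: commit id -> author email (e.g. from `git log --format='%H %ae'`)
    identities:  authenticated user -> set of author emails that user owns (assumed)
    Only the tip of each push is checked; a mismatch is a lead to follow up,
    since pushing a colleague's commits is also legitimate.
    """
    findings = []
    for e in parse_reflog(reflog_text):
        user, addr = pusher_of(e)
        author = tip_authors.get(e["new"])
        if author is not None and author not in identities.get(user, set()):
            findings.append((e["new"][:8], user, addr, author))
    return findings

# Constructed sample data (not from a real server).
ZERO, C1, C2 = "0" * 40, "1" * 40, "2" * 40
SAMPLE_REFLOG = (
    f"{ZERO} {C1} usera <usera@http.192.0.2.10> 1359612000 +0000\tpush\n"
    f"{C1} {C2} userb <userb@http.192.0.2.22> 1359615600 +0000\tpush\n"
)
SAMPLE_AUTHORS = {C1: "usera@example.com", C2: "usera@example.com"}
SAMPLE_IDS = {"usera": {"usera@example.com"}, "userb": {"userb@example.com"}}

if __name__ == "__main__":
    for finding in audit(SAMPLE_REFLOG, SAMPLE_AUTHORS, SAMPLE_IDS):
        print("pushed tip %s by %s from %s claims author %s" % finding)
```

On a bare repository the reflog is only written when `core.logAllRefUpdates` is enabled, and the file for a branch lives under `logs/refs/heads/` in the repository directory.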