From: "Shawn O. Pearce" <spearce@spearce.org>
To: Arun Raghavan <ford_prefect@gentoo.org>
Cc: git@vger.kernel.org
Subject: Re: [PATCH 0/2] upload-pack: pre- and post- hooks
Date: Mon, 1 Feb 2010 07:20:10 -0800 [thread overview]
Message-ID: <20100201152010.GC8916@spearce.org> (raw)
In-Reply-To: <1265013127-12589-1-git-send-email-ford_prefect@gentoo.org>
Arun Raghavan <ford_prefect@gentoo.org> wrote:
> This patch set reintroduces the post-upload-pack hook and adds a
> pre-upload-pack hook. These are now only built if 'ALLOW_INSECURE_HOOKS' is set
> at build time. The idea is that only system administrators who need this
> functionality and are sure the potential insecurity is not relevant to their
> system will enable it.
*sigh*
I guess this is better, having it off by default, but allowing an
administrator who needs this feature to build a custom package.
Unfortunately... I'm sure some distro out there is going to think
they know how to compile Git better than we do, and enable this by
default, exposing their users to a security hole. Ask the OpenSSL
project about how well distros package code... :-\
I'd like a bit more than just a compile time flag.
> At some point if the future, if needed, this could also be made a part of the
> negotiation between the client and server.
I'm not sure I follow.
Are you proposing the server advertises that it wants to run hooks,
and lets the client decide whether or not they should be executed?
--
Shawn.
next prev parent reply other threads:[~2010-02-01 15:20 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-01-14 18:01 Removal of post-upload-hook Arun Raghavan
2010-01-14 19:36 ` Jeff King
2010-01-14 19:41 ` Shawn O. Pearce
2010-01-14 19:52 ` Arun Raghavan
2010-01-14 20:43 ` Jeff King
2010-01-14 21:06 ` Robin H. Johnson
2010-01-15 14:47 ` Jeff King
2010-01-15 6:12 ` Arun Raghavan
2010-01-15 11:52 ` Ilari Liusvaara
2010-01-15 12:14 ` Arun Raghavan
2010-02-01 8:32 ` [PATCH 0/2] upload-pack: pre- and post- hooks Arun Raghavan
2010-02-01 8:32 ` [PATCH 1/2] upload-pack: Reinstate the post-upload-pack hook Arun Raghavan
2010-02-01 8:32 ` [PATCH 2/2] upload-pack: Add a pre-upload-pack hook Arun Raghavan
2010-02-01 15:20 ` Shawn O. Pearce [this message]
2010-02-01 15:50 ` [PATCH 0/2] upload-pack: pre- and post- hooks Arun Raghavan
2010-02-01 16:01 ` Shawn O. Pearce
2010-02-02 5:50 ` Arun Raghavan
2010-02-01 16:30 ` Nicolas Pitre
2010-02-01 16:36 ` Shawn O. Pearce
2010-02-02 5:52 ` Arun Raghavan
2010-02-02 6:15 ` Nicolas Pitre
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100201152010.GC8916@spearce.org \
--to=spearce@spearce.org \
--cc=ford_prefect@gentoo.org \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).