From: Teemu Matilainen <teemu.matilainen@iki.fi>
To: Sitaram Chamarty <sitaramc@gmail.com>
Cc: martin f krafft <madduck@madduck.net>,
git discussion list <git@vger.kernel.org>
Subject: Re: [gitolite] repo config for delegated projects
Date: Sat, 6 Feb 2010 20:21:33 +0200
Message-ID: <20100206182133.GL2530@reaktor.fi>
In-Reply-To: <2e24e5b91002051650k3c7cf14ev8752d36b5616e9a4@mail.gmail.com>

On Sat, 06 Feb 2010, Sitaram Chamarty wrote:

> Now I just looked up hooks.showrev, and it's supposed to be any shell
> command. Clearly this means anyone who can set that gitconfig option
> now has shell capability, and it's game over.

But of course you need to have a hook that runs the command. And
setting hooks requires shell access.

Sorry for not thinking of any problems with the config thing. I personally
don't use the delegation and on the other hand all our gitolite
administrators anyway have shell access to the server...

> Regardless of how I look at it, I can't think of a cure for this short
> of either:
> - putting all the allowed gitconfigs in the RC file, and not in the
> config (writing the RC file requires shell access, and we presume the
> "root of trust" person has enough smarts to know what to allow and
> what not to allow), and allowing repo admins to *refer* to them to use
> whichever they want

This sounds like a better solution to me.

> - someone coming up with a list of gitconfig's that are "safe", and
> specific values for those that are unsafe (like saying "if you use
> showrev, you can only use this command as the value", and forcing
> only those.

Might get too complicated. Anyway, the person setting the hook script
should know what it does and which configuration keys it uses and how.

--
- Teemu
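
The first option quoted above (allowed gitconfigs defined only in the RC file, with repo admins referring to them by name), sketched as an added example that is not from this thread or from gitolite's own code. The preset names, the `RC_ALLOWED_GITCONFIGS` table and both functions are hypothetical, and the sample values are constructed.

```python
# Added example; every name here is hypothetical, not gitolite syntax or API.

# Written only by the "root of trust" admin, like the RC file (needs shell
# access). Each preset pins BOTH the key and the value. Constructed values.
RC_ALLOWED_GITCONFIGS = {
    "mail-to-devs": ("hooks.mailinglist", "devs@example.org"),
    "show-commit": ("hooks.showrev", "git show -C %s; echo"),
    "no-rewind": ("receive.denyNonFastForwards", "true"),
}


class ConfigRejected(Exception):
    """A delegated config asked for something the RC file does not define."""


def resolve_repo_config(requested_names):
    """Map preset names chosen by a delegated repo admin to key/value pairs.

    The delegated admin never supplies a key or a value, only a name, so a
    shell-command option such as hooks.showrev can only take a value that
    the root-of-trust admin wrote.
    """
    resolved = {}
    for name in requested_names:
        if name not in RC_ALLOWED_GITCONFIGS:
            raise ConfigRejected(f"not defined in the RC file: {name!r}")
        key, value = RC_ALLOWED_GITCONFIGS[name]
        if resolved.get(key, value) != value:
            raise ConfigRejected(f"conflicting presets for {key}")
        resolved[key] = value
    return resolved


def git_config_commands(git_dir, requested_names):
    """Build argv lists (no shell involved) that would apply the presets."""
    pairs = sorted(resolve_repo_config(requested_names).items())
    return [["git", f"--git-dir={git_dir}", "config", k, v] for k, v in pairs]


if __name__ == "__main__":
    # Constructed delegated request: two presets referenced by name.
    for argv in git_config_commands("/srv/git/demo.git", ["no-rewind", "show-commit"]):
        print(argv)
```
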