From: Jeff King <peff@peff.net>
To: Junio C Hamano <gitster@pobox.com>
Cc: Jonathan Nieder <jrnieder@gmail.com>,
Sitaram Chamarty <sitaramc@gmail.com>,
Ethan Reesor <firelizzard@gmail.com>,
git@vger.kernel.org, Ramkumar Ramachandra <artagnon@gmail.com>,
Greg Brockman <gdb@mit.edu>
Subject: Re: [RFC/PATCH] shell: allow 'help' command to disable interactive shell
Date: Mon, 11 Feb 2013 11:00:57 -0500 [thread overview]
Message-ID: <20130211160057.GA16402@sigill.intra.peff.net> (raw)
In-Reply-To: <7v8v6vpbej.fsf@alter.siamese.dyndns.org>
On Sun, Feb 10, 2013 at 11:17:24PM -0800, Junio C Hamano wrote:
> Jonathan Nieder <jrnieder@gmail.com> writes:
>
> > Isn't that a criticism of the git-shell-commands facility in general?
> > If it is common to have a lot of users with distinct home directories
> > but all with git-shell as their login shell, then the
> > git-shell-commands should not go in their home directory to begin
> > with, no?
>
> You can give one set of commands to some users while restricting
> others, no?
But that seems to me to argue against /etc/git/shell-disabled or
similar, which would apply to every user. Or are you proposing that the
check be:
if -d ~/git-shell-commands; then
: ok, interactive
elif -x /etc/git/shell-disabled; then
exec /etc/git/shell-disabled
else
echo >&2 'go away'
exit 1
fi
That at least means you can apply _whether_ to disable the shell
selectively for each user (by providing or not a git-shell-commands
directory), but you cannot individually select the script that runs for
that user. But it's probably still flexible enough; you can, after all, run
arbitrary code in the shell-disabled script, so it can select which
class of user it was called on and dispatch to a sub-script.
-Peff
next prev parent reply other threads:[~2013-02-11 16:01 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-02-10 21:05 Git prompt Ethan Reesor
2013-02-10 21:25 ` Jonathan Nieder
2013-02-10 21:54 ` Ethan Reesor
2013-02-10 22:43 ` Jeff King
2013-02-10 22:54 ` Junio C Hamano
2013-02-11 0:43 ` Sitaram Chamarty
2013-02-11 1:20 ` [RFC/PATCH] shell: allow 'help' command to disable interactive shell Jonathan Nieder
2013-02-11 3:44 ` Junio C Hamano
2013-02-11 4:17 ` Jonathan Nieder
2013-02-11 4:30 ` Junio C Hamano
2013-02-11 4:32 ` Jonathan Nieder
2013-02-11 4:36 ` Jeff King
2013-02-11 5:22 ` Junio C Hamano
2013-02-11 5:57 ` Ethan Reesor
2013-02-11 6:07 ` Ethan Reesor
2013-02-11 6:09 ` Jonathan Nieder
2013-02-11 6:11 ` Ethan Reesor
2013-02-11 6:15 ` Jonathan Nieder
2013-02-11 6:22 ` Ethan Reesor
2013-02-11 6:14 ` Jonathan Nieder
2013-02-11 7:01 ` Junio C Hamano
2013-02-11 7:12 ` Jonathan Nieder
2013-02-11 7:17 ` Junio C Hamano
2013-02-11 7:21 ` Jonathan Nieder
2013-02-11 7:44 ` Junio C Hamano
2013-02-11 8:13 ` Jonathan Nieder
2013-02-11 16:17 ` Junio C Hamano
2013-02-11 16:00 ` Jeff King [this message]
2013-02-11 17:18 ` Junio C Hamano
2013-02-11 17:27 ` Jeff King
2013-02-11 7:18 ` Ethan Reesor
2013-02-11 7:15 ` Ethan Reesor
2013-02-11 7:22 ` Junio C Hamano
2013-02-11 7:26 ` Ethan Reesor
2013-02-11 7:28 ` Junio C Hamano
2013-02-11 3:59 ` Jeff King
2013-02-11 4:14 ` Jonathan Nieder
2013-02-11 4:17 ` Jeff King
2013-02-11 4:26 ` Jonathan Nieder
2013-02-11 4:33 ` Jeff King
2013-02-11 5:56 ` [PATCH 0/2 v2] " Jonathan Nieder
2013-02-11 5:57 ` [PATCH 1/2] shell doc: emphasize purpose and security model Jonathan Nieder
2013-02-11 7:10 ` Junio C Hamano
2013-02-11 7:13 ` Jonathan Nieder
2013-02-11 18:32 ` Junio C Hamano
2013-02-11 5:58 ` [PATCH 2/2] shell: pay attention to exit status from 'help' command Jonathan Nieder
2013-02-11 6:06 ` Ethan Reesor
2013-02-11 7:15 ` Junio C Hamano
2013-02-11 7:52 ` Jonathan Nieder
2013-02-11 16:28 ` Junio C Hamano
2013-02-11 4:45 ` [RFC/PATCH] shell: allow 'help' command to disable interactive shell Jeff King
2013-03-09 21:52 ` [PATCH v3 0/2] shell: allow 'no-interactive-login' " Jonathan Nieder
2013-03-09 21:55 ` [PATCH 1/2] shell doc: emphasize purpose and security model Jonathan Nieder
2013-03-09 22:00 ` [PATCH 2/2] shell: new no-interactive-login command to print a custom message Jonathan Nieder
2013-03-10 5:04 ` Junio C Hamano
2013-03-10 5:21 ` Jonathan Nieder
2013-03-10 10:49 ` Ramkumar Ramachandra
2013-03-11 22:48 ` Jonathan Nieder
2013-03-12 10:47 ` [PATCH v3 0/2] shell: allow 'no-interactive-login' command to disable interactive shell Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130211160057.GA16402@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=artagnon@gmail.com \
--cc=firelizzard@gmail.com \
--cc=gdb@mit.edu \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jrnieder@gmail.com \
--cc=sitaramc@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).