Security and permissions in git

Security and permissions in git

[Jay Renbaum]

When setting up a public repository is there a way to control who has access 
to various directories within the repository or is everything equal once you 
are in?

Re: Security and permissions in git

[Daniel Barkalow]

On Thu, 29 Jan 2009, Jay Renbaum wrote:

> When setting up a public repository is there a way to control who has access 
> to various directories within the repository or is everything equal once you 
> are in?

Every commit contains a version of the complete contents, so people have 
to be able to read the contents of all directories and write some 
directory contents. However, you can prohibit users from pushing content 
to the repository unless particular directories (or files) match what's 
there already. This is generally what people want when they have this 
requirement.

It's also possible to use submodules to have a project contain parts that 
some users don't have any access to, while still being able to produce 
commits to the main project (in combination with the above check so that 
try can't replace the submodule entirely with content they do have access 
to, or submodule commits they've seen referenced previously)

	-Daniel
*This .sig left intentionally blank*

Re: Security and permissions in git

[Jeff King]

On Thu, Jan 29, 2009 at 05:13:41PM -0500, Daniel Barkalow wrote:

> Every commit contains a version of the complete contents, so people have 
> to be able to read the contents of all directories and write some 
> directory contents. However, you can prohibit users from pushing content 
> to the repository unless particular directories (or files) match what's 
> there already. This is generally what people want when they have this 
> requirement.

If this is what you want, see Shawn's contrib/hooks/update-paranoid,
which lets you specify ACLs in the config.

-Peff