From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jakub Narebski Subject: Re: Does git have "Path-Based Authorization"? Date: Sat, 01 Oct 2011 06:06:19 -0700 (PDT) Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-4 Content-Transfer-Encoding: QUOTED-PRINTABLE Cc: git@vger.kernel.org To: Grant X-From: git-owner@vger.kernel.org Sat Oct 01 15:06:28 2011 Return-path: Envelope-to: gcvg-git-2@lo.gmane.org Received: from vger.kernel.org ([209.132.180.67]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1R9zGu-0001kZ-8p for gcvg-git-2@lo.gmane.org; Sat, 01 Oct 2011 15:06:28 +0200 Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753161Ab1JANGY convert rfc822-to-quoted-printable (ORCPT ); Sat, 1 Oct 2011 09:06:24 -0400 Received: from mail-bw0-f46.google.com ([209.85.214.46]:49197 "EHLO mail-bw0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751339Ab1JANGW convert rfc822-to-8bit (ORCPT ); Sat, 1 Oct 2011 09:06:22 -0400 Received: by bkbzt4 with SMTP id zt4so2894237bkb.19 for ; Sat, 01 Oct 2011 06:06:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=x-authentication-warning:to:cc:subject:references:from:date :in-reply-to:message-id:lines:user-agent:mime-version:content-type :content-transfer-encoding; bh=R9ObHYXRIjkmbfWWvHLUeh8XmaWEJHOnM3KHhHpaQzM=; b=HUHz6Qm7hGuHNzKKllpz162QF3eA2IcYo8YyiRHrHNW/WzBfVd9VA+eqdP5bbkTXC4 TzrEWvrIwjk2bjOjPxb7Nu0THoAzp68Cio94iSE0/TCH8bu2Y8aGHGY8uSHLPonPB8e+ CLSSi/c2kdoEAjpPG2ac+EQdi5I36HlCNfWE0= Received: by 10.223.55.136 with SMTP id u8mr17443460fag.46.1317474380865; Sat, 01 Oct 2011 06:06:20 -0700 (PDT) Received: from localhost.localdomain (abws180.neoplus.adsl.tpnet.pl. [83.8.242.180]) by mx.google.com with ESMTPS id b10sm11498996fam.1.2011.10.01.06.06.18 (version=TLSv1/SSLv3 cipher=OTHER); Sat, 01 Oct 2011 06:06:19 -0700 (PDT) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by localhost.localdomain (8.13.4/8.13.4) with ESMTP id p91D5nW2020244; Sat, 1 Oct 2011 15:06:00 +0200 Received: (from jnareb@localhost) by localhost.localdomain (8.13.4/8.13.4/Submit) id p91D5cVY020237; Sat, 1 Oct 2011 15:05:38 +0200 X-Authentication-Warning: localhost.localdomain: jnareb set sender to jnareb@gmail.com using -f In-Reply-To: User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.4 Sender: git-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org Archived-At: Grant writes: > Hello, I'm trying to decide between git and subversion. Subversion > has "Path-Based Authorization" so I can give a developer access to > only specific files instead of everything. Does git have something > similar? >=20 > http://svnbook.red-bean.com/en/1.5/svn.serverconfig.pathbasedauthz.ht= ml =20 In distributed version control systems each developers gets full copy (a clone) of a repository (separate repository instance). This means t= hat if you want for developer to see only specified subset of repository (specific subdirectories) you would have to split repository into submodules, and control access on (sub)repository basis. However if you want only to prevent developer from making changes outsi= de specific subdirectory or specified files, you can do that on publish ti= me via update / pre-receive hook (like contrib/hooks/update-paranoid), or = git repository management tool such as Gitolite. That would prevent a push= if any of commits being published touches files that it shouldn't. P.S. Karl Fogel in "Producing Open Source Software" (http://producingos= s.com) writes that social solutions wrt. restricting contributors to given are= a are better than technical solutions such as (overly-)strict access control. HTH --=20 Jakub Nar=EAbski