Re: git dangerous operations on alioth
On 28/02/13 13:15, Simon McVittie wrote:
> On 28/02/13 09:39, Daniel Pocock wrote:
>> Has anybody had experience controlling access to git repositories, for
>> example, to give users access but prevent some of the following
>> dangerous operations?
>
> If you look at it from the appropriate angle, the combination of ftp.d.o
> and snapshot.d.o (particularly source packages) is a big, inefficient
> VCS, with a rather wider user-base than Alioth - what the maintainer
> says the git history of package "foo" is seems relatively unimportant
> when compared with what its upload history looks like. All DDs have the
> ability to "commit" wide-ranging changes to that "VCS", and we mostly
> regulate that by social conventions for what can and can't be in an NMU
> or a "team upload", discouraging hostile NMUs and hijacking, etc.,
> rather than by applying chmod.
DD access is also an `all or nothing' scenario, and it is tightly
controlled in other ways.
What I was anticipating is how we can provide more access for upstreams
and other non-DDs using the guest account mechanism or potentially some
kind of non-UNIX level access
To give one example, one of my packages fails to build with clang due to
some other header file in package foo. Somebody actually uploaded a fix
for foo onto mentors long before the freeze, but it got no further. It
leaves me feeling that the DD community could benefit from more
automated ways to ramp up new members and accept their contributions,
but that would also mean taking the sharp edges off some things.
Reply to: