On Thu, 28 Feb 2013 12:51:33 +0100, Arno Töll wrote: > On 28.02.2013 11:07, Stefano Zacchiroli wrote: > > On Thu, Feb 28, 2013 at 10:39:26AM +0100, Daniel Pocock wrote: > >> Has anybody had experience controlling access to git repositories, for > >> example, to give users access but prevent some of the following > >> dangerous operations? I think the interesting (non-technical) first question is why this would be needed. > > Related to this, there is also the risk that a user will ssh on alioth > > and rm the repository (accidentally or not). Do we have any kind of > > protection against that? (e.g. backups we can access to without > > bothering the alioth admins, or a way to give git access but not ssh > > access, or...) At least for pkg-perl I'm quite confident that someone would just push their locally cloned repo back to Alioth in case it was deleted there accidentally. > Personally I do host almost all my packages in collab-maint and contrary > to common belief, I only made good experiences with it. This is more of > a hypothetical discussion therefore. Ack. Again from my pkg-perl experience: Since before I joined all DDs have commit access and we hand out group membership/commit bits quite liberally to non-DDs. I don't remember any malicious action and the few accidents are just minor annoyances that are quickly fixed after the fact. Cheers, gregor -- .''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06 : :' : Debian GNU/Linux user, admin, and developer - http://www.debian.org/ `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: Kurt Ostbahn & Die Kombo: (Heit loss i) Anschreibm
Attachment:
signature.asc
Description: Digital signature