User masquerading - audit trail?
Giorgos Keramidas
keramida at ceid.upatras.gr
Sat Oct 4 19:07:18 CDT 2008
On Sat, 04 Oct 2008 16:08:39 -0700, Kurt Granroth <kurt.mercurial at granroth.com> wrote:
> I'm thinking now that I could create an 'incoming' hook on a central
> repo that compares a list of "semi-trusted" users against whatever
> user is running the hook (presumably the one authenticated via ssh).
> If the authenticated user and userlist don't match, then the patch is
> rejected.
>
> This could still work even in the scenario you listed. In your trust
> network, you can have the following:
>
> Level 1: Untrusted developers. They must email all patches to a
> Trusted Developer
> Level 2: Semi-trusted developers. They can push patches, but their
> usernames must match their authenticated username
> Level 3: Trusted developers. These are core developers that can push
> their own patches or push other people's patches. No
> checking is done to verify that they are who they say they
> are since they are fully trusted.
That sounds nice :)
More information about the Mercurial
mailing list