Force user to be System user?
Douglas Philips
dgou at mac.com
Thu Aug 6 15:14:18 CDT 2009
On or about 2009 Aug 6, at 3:42 PM, Michael Thomas inquired:
> Noob question but googling provided no answers.
>
> Is there a way to force the user name of the commiter to be that of
> the
> user account being used? My naive understanding is that using -u one
> can make the user be anything one wants? In that scenario how do
> people
> audit who has commited what?
No, there isn't. In a distributed system you're just getting bits over
the wire.
How do you know you can trust the remote system's notion of a user
anyways?
(This is a big problem, much much bigger than Mercurial)
Which isn't to say that Mercurial can't help.
You might want to consider: http://mercurial.selenic.com/wiki/GpgExtension
if you want some assurances about authenticity.
(How can you be sure that the signer didn't give their private key
away or have it stolen? Security is a matter of degree with trade-offs
up and down the spectrum. Luckily Mercurial doesn't delude its users
into thinking that there is an easy answer. Also luckily, it provides
GpgExtension and in general provides hooks and other mechanisms so
that it can be tuned to the level of paranoia/security of its users.)
-Doug
More information about the Mercurial
mailing list