Access control - author authenticity using a shared integration repository
Thomas Arendsen Hein
thomas at intevation.de
Wed Dec 30 04:09:18 CST 2009
* Stanimir Stamenkov <s7an10 at netscape.net> [20091230 00:15]:
> Wed, 30 Dec 2009 00:45:12 +0200, /Stanimir Stamenkov/:
>
> > Often a task is worked on by a couple of developers cooperatively.
> > The final product would contain changesets of all the authors which
> > have done the changes, but probably (and I don't see another option)
> > the push to the integration repository will be done by a single
> > person. So it should be possible for a user to push changesets of
> > other authors. In this scenario I don't see anything preventing a
> > user to forge a changeset with the credentials of another. How do
> > you deal with this? Is there trace of the push operations - who
> > have done and what changesets have been added with them?
>
> I've read Git changesets have author and committer fields, for
> example. Don't know details about the Git's committer field but is
> there a similar field in Mercurial which records the system account
> (or alternative access method account like https:) used to
> commit/push the changesets? Such field would be local to the
> repository in question and doesn't need to (should not) be
> propagated with clones.

author/committer fields would not help you here, because they are
propagated with clones.

If you set up a single account with ssh access via public keys and
hg-ssh (or mercurial-server) you could set an environment variable
and then use it in a changegroup hook to create a log file about who
pushed which changesets.

When using https, the username is probably already available in a
certain environment variable, I haven't checked this.

Thomas
--
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Neuer Graben 17, 49074 Osnabrueck - AG Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
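
The setup suggested in the reply above, sketched as an added example; it is not part of the original message and not Mercurial's own code. It logs the account that pushed each changeset next to the author the changeset claims, so a mismatch can be reviewed. The variable name `HG_PUSHER`, the file name `pushlog.py`, the paths and the log location `.hg/push.log` are assumptions made for illustration.

```python
# Added example: in-process Mercurial changegroup hook (not from the original post).
# Assumed wiring; HG_PUSHER, pushlog.py and all paths are hypothetical names.
#   ~/.ssh/authorized_keys of the shared account, one line per developer key:
#     command="HG_PUSHER=alice hg-ssh /srv/hg/integration" ssh-rsa <alice's key>
#   .hg/hgrc of the integration repository:
#     [hooks]
#     changegroup.pushlog = python:/srv/hg/hooks/pushlog.py:log_push
import os
import time


def as_text(value):
    """Mercurial on Python 3 hands hooks bytes; normalise to str."""
    return value.decode("utf-8", "replace") if isinstance(value, bytes) else str(value)


def push_records(repo, node, pusher):
    """One record per incoming changeset: (pusher, changeset hash, claimed author)."""
    first = repo[node].rev()  # node is the first changeset of the pushed group
    records = []
    for rev in range(first, len(repo)):
        ctx = repo[rev]
        records.append((pusher, as_text(ctx.hex()), as_text(ctx.user())))
    return records


def log_push(ui, repo, node=None, **kwargs):
    """changegroup hook: append pusher/changeset/author lines to .hg/push.log."""
    # Set per ssh key by the forced command; absent for local or unwrapped access.
    pusher = os.environ.get("HG_PUSHER", "unknown")
    stamp = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
    # The log lives under .hg, so it stays local and is never sent to clones.
    path = os.path.join(as_text(repo.root), ".hg", "push.log")
    with open(path, "a", encoding="utf-8") as log:
        for who, hexnode, author in push_records(repo, node, pusher):
            log.write("%s pusher=%s node=%s author=%s\n" % (stamp, who, hexnode, author))
    return False  # runs after the changesets were added; it records, it does not block
```

The log is only as trustworthy as the forced command: developers must not have shell access to the shared account or write access to `.hg/push.log` by other means.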