User masquerading - audit trail?
Arne Babenhauserheide
arne_bab at web.de
Wed Jan 14 13:16:23 CST 2009
Am Mittwoch 14 Januar 2009 19:59:37 schrieb Matt Mackall:
> Also note that if we assume developer's repos can be compromised by
> third parties (because, say, they left it open), we must also assume
> that their GPG keys can't be trusted. If I can get you to run arbitrary
> code by putting it in your repo, I can steal your GPG key (and your ssh
> key, and probably your credit card numbers, etc.).
This is true for many workflows, but for exampel for documentation it isn't.
There I could grant quick push access, but only signed changesets could be
pushed to the main repo.
For example I could have a public wiki where I sign off changesets before I
push. The main repo should only accept changesets I signed, and if I push the
wrong ones it should stop.
Best wishes,
Arne
--
-- Ein Würfel System: http://1w6.org - einfach saubere (Rollenspiel-) Regeln.
-- Infinite Hands: http://infinite-hands.draketo.de - singing a part of the
history of free software.
-- My stuff: http://draketo.de - stories, songs, poems, programs and stuff :)
-- PGP/GnuPG: http://draketo.de/inhalt/ich/pubkey.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://selenic.com/pipermail/mercurial/attachments/20090114/c6d421b7/attachment.pgp
More information about the Mercurial
mailing list