[ANN] autosign extension
Martin Geisler
mg at lazybytes.net
Sat May 16 09:10:40 CDT 2009
Lasse Kliemann <lasse-list-mercurial-2009 at mail.plastictree.net> writes:
> * Message by -Arne Babenhauserheide- from Fri 2009-05-15:
>
>> A hook or option to disallow invalid changesets from being put into
>> the repository would be nice, though.
I have already made such a hook, which can be used as
[hooks]
pretxnchangegroup.check = python:~/src/commitsigs/commitsigs.py:hook
it will reject changesets that lack a valid signature.
>> To get your full security, you'd then just activate that hook/option
>> - preferably in a repository used for exchanging changesets (for
>> example the shared push repository).
>
> A general approach would be a hook that only allows changesets where
> the user matches some pattern, and where the user can be verified
> (otherwise looking at the user is pointless).
If the hook verifies the signatures using a keyring with only the right
keys, then you'll get your pattern match for free.
--
Martin Geisler
VIFF (Virtual Ideal Functionality Framework) brings easy and efficient
SMPC (Secure Multiparty Computation) to Python. See: http://viff.dk/.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://selenic.com/pipermail/mercurial/attachments/20090516/3029110f/attachment.pgp
More information about the Mercurial
mailing list