[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: dist-git proof of concept phase 2 ready for testing



On Sun, 2009-12-20 at 19:31 -0800, Jesse Keating wrote:
> On Sun, 2009-12-20 at 10:28 +0100, Hans Ulrich Niedermann wrote:
> > Currently, it appears that I can push arbitrarily named branches, at
> > least if the package does not have per branch ACLs:
> > 
> 
> Yes, that makes sense given the way the ACL system works, it just wasn't
> fully expected by me.  A small change to the ACL generation script will
> make sure that this sort of loophole is closed.
> 

This has been done.  The way the ACLs now work, if you are a packager,
you can create branches in any package that start with "private-".  This
makes it even easier to pass changes around as you can tell the
maintainer to pull from or merge from a private branch you've created.

Nobody should be able to create any branches that do not start with
"private-".

If we wanted to lock this down more, and only allow you to commit to a
private- branch only if you already have write access to some other
branch (F-12, master, EL-5, whatever) then I'll have to add more logic
to the ACL generation tool.  But for now, I like the freedom we have.

We'll make sure that the buildsystem will not allow any official
(non-scratch) builds to happen from a private-* branch.


-- 
Jesse Keating
Fedora -- FreedomĀ² is a feature!
identi.ca: http://identi.ca/jkeating

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]