From: Junio C Hamano <gitster@pobox•com>
To: Jacob Keller <jacob.keller@gmail•com>
Cc: "Ævar Arnfjörð Bjarmason" <avarab@gmail•com>,
"Git mailing list" <git@vger•kernel.org>
Subject: Re: [PATCH 2/3] githooks.txt: Amend dangerous advice about 'update' hook ACL
Date: Mon, 25 Apr 2016 11:29:46 -0700
Message-ID: <xmqqmvohlexx.fsf@gitster.mtv.corp.google.com>
In-Reply-To: <CA+P7+xqveyG7RTWb2k8UsFWRwjvM6JJkveRr3NV-bammqSkpkQ@mail.gmail.com> (Jacob Keller's message of "Sun, 24 Apr 2016 13:32:39 -0700")

Jacob Keller <jacob.keller@gmail•com> writes:

>> -Another use suggested on the mailing list is to use this hook to
>> -implement access control which is finer grained than the one
>> -based on filesystem group.
>> +Another use for this hook to implement access control which is finer
>> +grained than the one based on filesystem group. Note that if the user
>> +pushing has a normal login shell on the machine receiving the push
>> +implementing access control like this can be trivially bypassed by
>> +just using not executing the hook. In those cases consider using
>
> "by just using not executing the hook."
>
> This grammar doesn't make sense. It doesn't quite match what you said
> in the commit message either.
>
>> +e.g. linkgit:git-shell[1] as the login shell to restrict the user's
>> +access.
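
Review bot: The first added line, "Another use for this hook to
implement access control", has no verb; it should read "Another use
for this hook is to implement access control". The caveat after it
also needs a comma after "the machine receiving the push", and its
closing clause "by just using not executing the hook" would read
correctly as "by simply not executing the hook".
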

While there is nothing technically wrong in what it says, I wonder
if it is worth stating the obvious. If one can bypass update hook,
one can bypass any other hook, so the information does not even
belong here.

Instead of saying "acl can be implemented on top of update hook, but
not quite because you can bypass it", it may be more useful to say
"in an environment that restricts the users' access only to git
commands over the wire, this hook can be used to access control
without relying on filesystem ownership and group membership",
perhaps?
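
An added example, not part of the original message or of Git's own
documentation: a small 'update' hook doing the per-ref access control
discussed above. It assumes each pusher has their own Unix account
limited to Git commands (so "id -un" identifies them) and a hypothetical
ACL file named "acl" in the repository directory, in a rule format
constructed for this example.

```shell
#!/bin/sh
# Added example: 'update' hook enforcing a per-ref ACL.
# ACL file format (constructed for this example), one rule per line:
#   <user-or-*> <ref-glob>        e.g.  alice refs/heads/*
# The hook runs only for pushes handled by git-receive-pack, so it is a
# control only where accounts are limited to Git commands (e.g. git-shell).

# acl_allows USER REF ACL_FILE: succeed if some rule lets USER update REF.
acl_allows() {
    acl_user=$1 acl_ref=$2 acl_path=$3
    [ -r "$acl_path" ] || return 1        # fail closed: no ACL, no push
    while read -r who pattern; do
        case $who in ''|'#'*) continue ;; esac   # blank line or comment
        [ -n "$pattern" ] || continue            # malformed rule: ignore
        [ "$who" = "$acl_user" ] || [ "$who" = '*' ] || continue
        # $pattern is unquoted on purpose so it is matched as a glob.
        case $acl_ref in $pattern) return 0 ;; esac
    done <"$acl_path"
    return 1                              # default deny
}

# Git calls the hook as: update <refname> <old-object> <new-object>
# and rejects that ref's update when the hook exits non-zero.
if [ "$#" -eq 3 ]; then
    # Assumptions: the ACL path is hypothetical; pusher = Unix account name.
    acl_file=$(git rev-parse --git-dir)/acl
    pusher=$(id -un)
    if acl_allows "$pusher" "$1" "$acl_file"; then
        exit 0
    fi
    echo "update: $pusher is not allowed to update $1" >&2
    exit 1
fi
```

The ACL file should be writable only by the repository administrator,
not by the accounts it governs.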