[Ksummit-discuss] [TOPIC] Services needed from kernel.org
Konstantin Ryabitsev
mricon at kernel.org
Wed May 21 00:40:58 UTC 2014
On 20/05/14 06:53 PM, josh at joshtriplett.org wrote:
> How feasible is it to support git hooks that want to construct and send
> (significant volumes of) email, while retaining the security and
> sandboxing currently being applied to git repositories?
It's feasible, but I can't make this a free-for-all, for obvious
reasons. :) With gitolite, hooks execute as the same user "git" and
therefore any code running inside a hook has unfettered access to all
git repositories regardless of in-gitolite repository permissions.
What we can do is have a peer-reviewed collection of "blessed" hooks
available to developers. Not being a kernel dev myself, I'm not the one
to put such a collection together, though -- I'm not even sure if such a
cookie-cutter approach would be suitable.
I guess what I'm really trying to say is that I'd rather avoid having to
continuously review code written by people to whom "you write perl like
it's C" is a compliment. ;) If we can get by with a handful of standard
hooks, I'm for it, though.
Best,
--
Konstantin Ryabitsev
Senior Systems Administrator
Linux Foundation Collab Projects
Montréal, Québec
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 713 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxfoundation.org/pipermail/ksummit-discuss/attachments/20140520/34e9dd4e/attachment.sig>
More information about the Ksummit-discuss
mailing list