[darcs-users] scponly, rssh, darcs-server, jail
Max Battcher
me at worldmaker.net
Sun Apr 5 03:30:10 UTC 2009
On Sat, Apr 4, 2009 at 9:12 PM, Trent W. Buck <trentbuck at gmail.com> wrote:
> Guillaume Hoffmann <guillaumh at gmail.com> writes:
>> * what are you using to restrict user freedom ? scponly, rssh ? a
>> chroot jail ? nothing ?
>
> The Darcs project itself relies on patch submissions via "darcs send"
> instead of "darcs push".
This is definititely a powerful tool and should not be overlooked.
Darcs supports signing patches with SSH and GPG keys, and you can use
simple email reading tools to auto-apply signed patches (a
procmail-based example is in the manual). One of the additional
benefits of darcs send is that the same emails that darcs send sends
out can be rerouted in the traditional manners of email. Darcs' own
development uses this to strong effect in that both priviledged and
anonymous/un-priviledged developers follow the same workflow (darcs
send) and the darcs team can triage both their own patches that fail
tests/don't apply cleanly and un-priviledged developers' patches from
the comfort of the darcs mailing list.
>> * and finally there is : http://www.equational.org/darcs-server/
>
> Certainly pushing with HTTP PUT (or some other "smart server") is
> another way to provide security, and this is what other VCSs tend to do.
> AFAIK this functionality exists for Darcs, but is not yet mature.
Darcs send supports "sending an email" to an HTTP POST request in
addition to sending it through actual email. This may be more
convenient for some projects (easier to setup a CGI script than an
email reading script; some users have a harder time sending SMTP
messages across firewalls or through their system configurations than
they do sending a simple HTTP POST request).
--
--Max Battcher--
http://www.worldmaker.net/
More information about the darcs-users
mailing list