[darcs-users] Darcs Servers
Jason Dagit
dagit at codersbase.com
Mon Aug 17 18:09:56 UTC 2009
On Mon, Aug 17, 2009 at 11:04 AM, Grant Husbands
<darcsusers at grant.x43.net>wrote:
> Miklos Vajna wrote:
> > I think the problem is that you can push a setpref patch, then a simple
> > 'darcs apply' will fire you as well.
>
> This sounds like quite a risk, indeed. I wonder whether we could
> disable the security-risk patches by default, in future Darcs
> versions.
In the past darcs has always been developed with the conceptual model that
anyone who can push to your repository is trusted. In other words, security
is handled at a layer external to darcs. Changing that assumption would
take careful planning and consensus. Not impossible, but not simple either
:)
Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osuosl.org/pipermail/darcs-users/attachments/20090817/5aa4057e/attachment.htm>
More information about the darcs-users
mailing list