| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA256 |
| 3 |
|
| 4 |
On 09/23/2015 05:30 AM, Michael Orlitzky wrote: |
| 5 |
> On 09/23/2015 04:40 AM, Todd Goodman wrote: |
| 6 |
>> |
| 7 |
>> We haven't had too many problems with it. Most of our problems |
| 8 |
>> seem to be with people having issues with git itself (it was new |
| 9 |
>> to almost everyone on the team) and not embracing a good workflow |
| 10 |
>> with it (or trying to only use git via Eclipse.) |
| 11 |
>> |
| 12 |
>> We have 80 or so Android repos and a much smaller handful of |
| 13 |
>> proprietary repos in use. |
| 14 |
>> |
| 15 |
> |
| 16 |
> Sorry to harp on this, but does your single gerrit user have write |
| 17 |
> access to all 80 of your repos? Yours is internal so the risk is |
| 18 |
> limited, but naturally, if we set one up, it would have to be |
| 19 |
> public. |
| 20 |
> |
| 21 |
> If there's a bug in the web UI somewhere and someone figures out |
| 22 |
> how to make it run code, that would put all of our repos at risk. |
| 23 |
> Even without being able to run code, a bug might allow privilege |
| 24 |
> escalation: someone outside the e.g. portage project might figure |
| 25 |
> out how to push to that repo because all of the logic is in Java |
| 26 |
> and not the filesystem. |
| 27 |
> |
| 28 |
> The way we have it now, push access is granted through SSH and is |
| 29 |
> therefore tied to your user. Implementing users/groups/permissions |
| 30 |
> in code would really be a step backwards; this isn't a theoretical |
| 31 |
> argument. |
| 32 |
> |
| 33 |
> These issues can totally be fixed -- I'm not saying they're endemic |
| 34 |
> to web-based git hosting. But to move access control down to the |
| 35 |
> filesystem deviates from how everyone else does things. So first |
| 36 |
> you need to spend time getting familiar with the project, then you |
| 37 |
> have to overhaul the way it works, and finally you have to get |
| 38 |
> upstream to acknowledge that you aren't crazy and accept your |
| 39 |
> docs/patches. That's a lot more work than just setting it up. |
| 40 |
> |
| 41 |
> |
| 42 |
I hadn't thought about that angle. If our access backbone is via SSH |
| 43 |
(and thus the filesystem/machine users) then I'm really not sure how |
| 44 |
to implement a GitLab or Gerrit instance while hooking into the |
| 45 |
filesystem. Allowing users to open accounts in order to post bugs, etc |
| 46 |
just isn't a great idea, imo, and duplicates the effort that already |
| 47 |
exists in Bugzilla. Maybe it'd be smarter to find a way to `git-am` |
| 48 |
patches from Bugzilla. |
| 49 |
|
| 50 |
- -- |
| 51 |
Daniel Campbell - Gentoo Developer |
| 52 |
OpenPGP Key: 0x1EA055D6 @ hkp://keys.gnupg.net |
| 53 |
fpr: AE03 9064 AE00 053C 270C 1DE4 6F7A 9091 1EA0 55D6 |
| 54 |
-----BEGIN PGP SIGNATURE----- |
| 55 |
Version: GnuPG v2 |
| 56 |
|
| 57 |
iQIcBAEBCAAGBQJWA4IfAAoJEAEkDpRQOeFwyR0P/jc6oLr5CV7J+31B5wPm+W/n |
| 58 |
KEDUVb+EMjyfgitAx1rcRxNxrQMlq9ZTGYdNeus8+OOnDg2z7WZuSlOsmIQPamiY |
| 59 |
aqHu2LUhsix9xUjGu6nYJHWzvE96ISkbrUtBwVxE/I04Gcdpm4Xwx9VPCpRzrMA8 |
| 60 |
J8dj/QXu7pKZPEXv98pH0jHWHlDpKzT0jmEbgX/EOOImatJlkLNKuZ88vyalAoAQ |
| 61 |
kCfN+8ThbvyhEqknmUA/p/yaGTDGw+f7cjO2utYfDsgo7ug9zD4JraaqoQl0XKSb |
| 62 |
sH5aDJyE4Ra43o990Bvxx+pq7nTiFiAXZBLB+CVfMT+Qau8V+uatHFfuRufFftBW |
| 63 |
2DOXiApJLODZjGwG/qUKdcXL/y4Y41lQcRlGUrLLUssiwn0WrpDBQVxQugUt5ZGD |
| 64 |
GGQsC6fQkYBN7XnLL/jC6jzGTQEgDedba7NfL8EsvQK7eEN2EuGrfkzrc5onz0qr |
| 65 |
wruWGhnolWbzkIWtJSY6OHzcv3SUXOlSjLdApXkl57zIAsbAWK1jBXvMyf4XBzss |
| 66 |
x17T30gjSW98puWg3Gwd0VPBm43M+Dwc2WEncpDetbqewbs3uCmfdhT4FsX3b0p2 |
| 67 |
x8jygv7LPRNiXHbmUcEmbiMUXqK5//M052xpld993+onCmHZ+28LwVlXEkoWUS+G |
| 68 |
B9EZD2RezYd2u1FeMCm0 |
| 69 |
=ybn4 |
| 70 |
-----END PGP SIGNATURE----- |
Archives