[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] Re: [RFC] versioned policy -- introduction

From: Zack Weinberg
Subject: Re: [Monotone-devel] Re: [RFC] versioned policy -- introduction
Date: Thu, 7 Sep 2006 12:22:16 -0700

On 9/7/06, Bruce Stephens <address@hidden> wrote:
"Justin Patrin" <address@hidden> writes:
That would be the netsync way to do it, yes.  Alternatively, the
server could permit these changes, and then you apply the trust
decisions when doing "update", "merge", etc.  Just as monotone works
now (with the get_revision_cert_trust hook, mostly, but also the
testsuite one, I guess).

Both seem doable.  I guess the testing on use way would more easily
allow changing policy: you'd have a reasonably fixed database, and the
various access decisions could change as the policy changed.

I just want to chime in with a scenario where you really want the
check to happen on netsync: a project may want to ensure that its
official server's database contains only data that they are sure they
have permission to distribute, even in un-blessed revisions.
Otherwise, a bunch of warez d00dz could perfectly well piggyback on
someone's project server -- they don't care that their illicit
revisions are not considered part of the project, they can still get
'em.  And I think the project would still be in legal trouble.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]