[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Monotone-devel] Re: Re: Re: Re: How will policy branches work?

From: Boris
Subject: [Monotone-devel] Re: Re: Re: Re: How will policy branches work?
Date: Wed, 06 Feb 2008 18:58:07 +0200
User-agent: Opera Mail/9.22 (Win32)

On Wed, 06 Feb 2008 17:43:37 +0200, Zack Weinberg <address@hidden> wrote:

[...]We think that it'll be both friendlier and more secure if we allow
people to do whatever they want locally, but not force changes in
violation of policy on anyone else.  It ends up working almost like

Yes, that's fine. I want people to do what they want but only in projects they are allowed to work on - which means projects they received through their monotone database. Other projects (in my database) they are not assigned to should not be transferred to their database - no matter if they sync with a central monotone server or with other developers. I understand that there won't be 100% security. But if I can tell monotone not to send around all files between developers by default and if not every developer has to maintain the very same configuration as on the central server that would already be helpful.

what you describe in practice.  There is a set of permission settings
signed (not encrypted) with the administrator's private key.  One of
those settings is the administrator's public key.  Anyone can, in
their own database, substitute a permission set signed with their own
private key which lists their own public key as having administrative
rights.  But everyone else's database ignores that change because they
only trust the original administrator, not the usurper.

What kind of permissions can be set in policy branches? Basically the same which can be set today with the files write-permissions/read-permissions?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]