On Tue, 2009-12-22 at 08:41 -0800, Josh Stone wrote:
On 12/22/2009 08:09 AM, Jesse Keating wrote:
> On Mon, 2009-12-21 at 18:59 -0800, Josh Stone wrote:
>> Perhaps this should be locked down to private-$USERNAME-*? Otherwise,
>> anyone could push into a branch that I'm trying to work with.
>>
>> Also, I wasn't able to delete a branch that I had pushed -- not sure if
>> you meant to allow that.
>
> If the ACL system were to keep everybody in their own $username
> namespace, no two people could collaborate on a single branch, which
> kinda defeats the purpose of having the server side branch.
Not entirely, as those two people could still pull from each other's
branches. Or as Hans said, some other namespace could be pushable for
the maintainers to collaborate on.
Either we trust that no packager will ever misbehave, or we need to lock
this down...
Josh
Since no official builds would be able to come from the private
branches, and since you can create other branches from other devel
points along the way, I think I'm going to fall on the side of "trust"
here, since we can relatively easily clean up from either mistakes or
malicious intent.
--
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca:
http://identi.ca/jkeating