[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] 'in-repo' macros, example attached (mt.26 only)
From: |
Marcel van der Boom |
Subject: |
Re: [Monotone-devel] 'in-repo' macros, example attached (mt.26 only) |
Date: |
Tue, 28 Mar 2006 09:07:57 +0200 |
On 27 mrt 2006, at 17:52, Chad Walstrom wrote:
Interesting post. I'm curious about the security ramifications of
including runnable applications inside the repository. Have you
considered how to protect against malicious code uploaded to the
repository? What does the trust-chain look like?
Must admit, haven't thought about it much. Bottomline is though,
that the structure as in the example is not much different than say,
putting a bunch of shell scripts under revision control in a repo and
the same principles would apply in both cases.
In my/our usage of monotone i've not used an *explicit* trust chain
based on what types of files are in the repo. Other than giving
people read or write access to branches and implementing a couple of
private branches, i have never gone further than that.
marcel
--
Marcel van der Boom
HS-Development BV -- http://www.hsdev.com
So! webapplicatie framework -- http://make-it-so.info
smime.p7s
Description: S/MIME cryptographic signature