[Monotone-devel] Re: Re: Re: Re: How will policy branches work?

[Boris]

On Wed, 06 Feb 2008 17:43:37 +0200, Zack Weinberg <address@hidden> wrote:

> [...]We think that it'll be both friendlier and more secure if we allow
> people to do whatever they want locally, but not force changes in
> violation of policy on anyone else.  It ends up working almost like

Yes, that's fine. I want people to do what they want but only in projects  
they are allowed to work on - which means projects they received through  
their monotone database. Other projects (in my database) they are not  
assigned to should not be transferred to their database - no matter if  
they sync with a central monotone server or with other developers. I  
understand that there won't be 100% security. But if I can tell monotone  
not to send around all files between developers by default and if not  
every developer has to maintain the very same configuration as on the  
central server that would already be helpful.

> what you describe in practice.  There is a set of permission settings
> signed (not encrypted) with the administrator's private key.  One of
> those settings is the administrator's public key.  Anyone can, in
> their own database, substitute a permission set signed with their own
> private key which lists their own public key as having administrative
> rights.  But everyone else's database ignores that change because they
> only trust the original administrator, not the usurper.

What kind of permissions can be set in policy branches? Basically the same  
which can be set today with the files write-permissions/read-permissions?

Boris