Re: [Monotone-devel] list branches on server?

[Timothy Brownawell]

On Sat, 2009-08-22 at 19:13 +0200, Thomas Keller wrote:
> Stephen Leake schrieb:
> > Timothy Brownawell <address@hidden> writes:
> > 
> >> On Sat, 2009-08-22 at 09:44 -0400, Stephen Leake wrote:
> >>> Is there a way to list the branches in a database on a server, without
> >>> downloading the whole database?
> >> Not yet, that happens after we move to ssl transport and enable
> >> 'automate stdio' over the network.
> > 
> > That makes sense.
> > 
> > How is that going? I have some time to spend; can I help in some way?
> 
> One of the currently unresolved issues I can think of here is the
> security model which has to be applied. For now the `automate` interface
> has no security model at all, thus you can do everything on the database
> as soon as you get access to a running instance.
> 
> Maybe we should get an idea of how to manage security here first?

Use people's monotone keys as (self-signed) client certificates
(assuming it doesn't make sense for there not to be a way to retrieve
the key info from the ssl layer), and add a lua hook
"get_automate_command_permitted(command_name, key_info)" that's checked
when anyone tries to an automate command from the network. So everything
would be controlled by lua hooks, based on the key the client uses.