Forbid uncommits over the network
Aaron Bentley
aaron at aaronbentley.com
Fri May 8 16:19:23 BST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lasse Kliemann wrote:
> Is there any official statement available that
> 'append_revisions_only' in fact closes all possible loopholes
> through which existing revisions might be tempered with (provided
> there is only network access via 'bzr serve' to the repository)?
No. See John's email. At this point, it's not feasible to disable the
nosmart / vfs mode, and that would be required to prevent tampering.
Aaron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkoETXsACgkQ0F+nu1YWqI202QCfb+jB5V3UNO0M1q/M+h2w1sdX
lIYAn2iEMY6vWqEu+XJWDAOihKsvr87O
=W3XK
-----END PGP SIGNATURE-----
More information about the bazaar
mailing list