commit emails from a central server with bzr 2.6
Robert Collins
robertc at robertcollins.net
Fri Jun 7 03:28:40 UTC 2013
On 6 June 2013 17:48, Glenn Morris <rgm at gnu.org> wrote:
>
> I got it working. There was a hard-coded --no-plugins being passed to
> bzr in the script that acts as the login shell for Savannah users.
>
> You may remember being prescient about this:
>
> http://lists.gnu.org/archive/html/savannah-hackers-public/2010-03/msg00050.html
>
> :)
Doh, I do now :).
>
> Could you reassure me that removing --no-plugins is fine from a security
> point of view? I don't really understand why Sylvain Beucler was so keen
> on it back in 2010 [1]. I understand that users should not be able to
> install arbitrary plugins. AFAIK, there is no way a Savannah user can do
> this. They have no access to their home directories. In any case, the
> login shell runs bzr with $ENV{'HOME'} = '/var/lib/bzr', and users
> certainly do not have write access to that.
I think its fine. LP runs bzr with plugins enabled [a select set, to
be sure]. Allowing users to install their own plugins would be a bad
idea, but you've already got that covered :).
-Rob
--
Robert Collins <rbtcollins at hp.com>
Distinguished Technologist
HP Cloud Services
More information about the bazaar
mailing list