Re: svn.gnome.org commit notification hooks and Git
- From: Owen Taylor <otaylor redhat com>
- To: Tim Janik <timj gtk org>
- Cc: gimp-web lists XCF Berkeley EDU, gnome-infrastructure gnome org, malerba gnome-db org, Sven Neumann <sven gimp org>, gnome-web-list gnome org
- Subject: Re: svn.gnome.org commit notification hooks and Git
- Date: Mon, 06 Apr 2009 11:23:44 -0400
On Fri, 2009-04-03 at 01:56 +0200, Tim Janik wrote:
> On Thu, 2 Apr 2009, Owen Taylor wrote:
>
> > I'm trying to sort out notification hooks for svn.gnome.org prior to the
> > migration to git. If you are receiving the mail, I think you might knows
> > something about one of the existing mail hooks. Please read this or your
> > website update may stop working.
> >
> > My proposal
> > ============
> [...]
>
> Sounds very good to me. Thanks for looking into this at that level
> of detail Owen.
>
> > gtk-web
> > echo $REPOS $REV | mail -s "gtk-web commit <secret key>" timj gtk org
> >
> > I think it's really up to the recipient to script things so that someone can't
> > create a horrible DOS by sending malicious mails. (Simply causing a continual
> > rebuild doesn't sound very fun.) If needed, though, we can just configure
> > timj+<secret_key>@gtk.org as the recipient. ("secret" ... the git configuration
> > won't be protected by any strong measures, though it should be moderately
> > hard to get to.)
>
> I'd prefer a "secret" in the Header, Subject or Body, so it's just a
> matter of adding a secret matching line to procmail rules, rather than
> having to configure additional email aliases (which might not be easy
> for systems where users don't have admin rights or generally quick
> admin task handling).
If you have local delivery, then isn't plussing pretty much universally
available? (with qmail, you might need timj-<secret_key>...)
I don't want to complicate things for this small amount of security.
- Owen
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
