Meeting agenda bot, website, git, ssh

Ian Jackson ijackson at chiark.greenend.org.uk
Wed Jan 21 10:27:51 UTC 2009


Joerg Jaspert writes ("Re: Meeting agenda bot, website, git, ssh"):
> [Ian:]
> > If the code for something running on the server is kept in git then
> > effectively everyone who can write to the git can run code on the
> > server, because even if pushing to the running copy is manual no-one
> > will review every diff.
> 
> Are we up to splitting hairs now? :)

This was the motivation for my original question, so not
hair-splitting at all.

> Yes, of course, if you can commit stuff you can commit bad things too.
> Somehow that's (technically) not avoidable. Unless you want one of us
> admins to play gatekeeper, and *I* sure do not want to add such a
> restriction.

One obvious approach is to have differently-access-controlled git
repositories only some of which are able to take over the machine.

For example, people who need to edit web pages do not need to be able
to run code on the server.  I assume (perhaps over-optimistically)
that whatever CMS(s) we are using do not permit the author of the page
data to execute code on the server.

Ian.

