Web lists-archives.com

Re: Shared repositories no longer securable against privilege escalation




Joe Rayhawk <jrayhawk@xxxxxxxxxxxxxxx> writes:

> that, at least on base POSIX, using --shared to share a repository
> between multiple UIDs literally eliminates the purpose of having
> multiple UIDs.

I do not think the world is _that_ blank-and-white.  If you cannot
trust those who push to the repository, you can give them git-only
access without a shell account and keep separating them with UIDs.
If you can, then the --shared setting is suitable for you.