|
From: | Zack Weinberg |
Subject: | Re: [Monotone-devel] Re: [RFC] versioned policy -- introduction |
Date: | Thu, 7 Sep 2006 12:22:16 -0700 |
On 9/7/06, Bruce Stephens <address@hidden> wrote:
"Justin Patrin" <address@hidden> writes: That would be the netsync way to do it, yes. Alternatively, the server could permit these changes, and then you apply the trust decisions when doing "update", "merge", etc. Just as monotone works now (with the get_revision_cert_trust hook, mostly, but also the testsuite one, I guess). Both seem doable. I guess the testing on use way would more easily allow changing policy: you'd have a reasonably fixed database, and the various access decisions could change as the policy changed.
I just want to chime in with a scenario where you really want the check to happen on netsync: a project may want to ensure that its official server's database contains only data that they are sure they have permission to distribute, even in un-blessed revisions. Otherwise, a bunch of warez d00dz could perfectly well piggyback on someone's project server -- they don't care that their illicit revisions are not considered part of the project, they can still get 'em. And I think the project would still be in legal trouble. zw
[Prev in Thread] | Current Thread | [Next in Thread] |