On Fri, Aug 07, 2009 at 10:26:50PM +0200, Nicolas Pouillard <[email protected]> wrote: > > > You can use a custom restricted shell for these users. You could only > > > allow to call "darcs apply". > > > > And then they commit a patch that contains a fork bomb with a 'darcs apply > > -- > > post-hook ./forkbomb --run-posthook' and you're still fried. > > Of course you have to carefully check the flags that are given to darcs apply.
I think the problem is that you can push a setpref patch, then a simple 'darcs apply' will fire you as well. That's why - because of the security problem, by design - for example git does not allow you to push such 'setpref' patches at all.
pgpk3WMxlsIpz.pgp
Description: PGP signature
_______________________________________________ darcs-users mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-users
