Please sign in to comment.
MAJOR BUGFIX: disallow "hooks" directory in admin repo
Although this is not a "hole" that allows a normal user to bypass controls, I still consider this a hole in the sense that I want to separate "admin push" rights from "shell access on server" rights. (I realise that most people don't make this distinction, but I do, and for me and most sites I consult for it is important). Thanks to drue on #gitolite who pointed it out excitedly, and apologies for killing what he thought of as a feature!
- Loading branch information...