[SAC] Trac global config pushed to Gogs private repo
Martin Spott
Martin.Spott at mgras.net
Mon May 23 07:21:55 PDT 2016
Hi Sandro,
Sandro Santilli wrote:
> On Mon, May 23, 2016 at 10:49:32AM +0000, Martin Spott wrote:
>> Works after logging in, but why am I supposed to log in just for
>> read-only access alias browsing a repo ?
>
> Each repository can be configured to be either public or private.
> In this case, it is a private repository. We can decide if we
> want to make it public. Personally I'm creating configuration
> repositories as private by default.
Were observing different approaches of securing sensitive information,
it seems to me. Personally I'd rather not put sensitive config
information into a world-wide remote-accessible repository at all -
particularly not using a frontend whose auth mechanism doesn't feature
a well-known good reputation.
Therefore I'd suggest: If it requires protection, don't put it online
anywhere, if it doesn't require protection, make the repo public.
Opinions ?
Martin.
--
Unix _IS_ user friendly - it's just selective about who its friends are !
--------------------------------------------------------------------------
More information about the Sac
mailing list