|author||http://richard.maw.name/ <Richard_Maw@web>||2017-02-12 14:39:37 +0000|
|committer||Daniel Silverstone <email@example.com>||2017-02-12 14:39:37 +0000|
Diffstat (limited to 'about/what-is.mdwn')
1 files changed, 10 insertions, 0 deletions
diff --git a/about/what-is.mdwn b/about/what-is.mdwn
index e1fa5c9..5d6648e 100644
@@ -29,9 +29,19 @@ Gitano implements the git interface by generating `git-daemon-export-ok` files f
# Access rules defined as customisable ACLs
All Gitano commands consult ACLs written in [lace] to determine whether the operation is permitted.
+Existing git operations have ACLs applied by a hook installed by Gitano.
This allows a Gitano administrator to define rules that permit delegation of roles to different users,
and if those roles are defined by group membership and the ability to add a user to a group is delegated
then the permission to grant permissions can also be delegated.
+# Maximally sandboxed hooks run in Lua
+In addition to installing hooks to provide ACL checking for git operations,
+these hooks will also run hooks written in Lua in a [supple] sandbox,
+so it's safe to run semi-trusted code contributed by users
+for purposes such as notifying web services of a repository update.