summaryrefslogtreecommitdiff
path: root/about/what-is.mdwn
diff options
context:
space:
mode:
Diffstat (limited to 'about/what-is.mdwn')
-rw-r--r--about/what-is.mdwn10
1 files changed, 10 insertions, 0 deletions
diff --git a/about/what-is.mdwn b/about/what-is.mdwn
index e1fa5c9..5d6648e 100644
--- a/about/what-is.mdwn
+++ b/about/what-is.mdwn
@@ -29,9 +29,19 @@ Gitano implements the git interface by generating `git-daemon-export-ok` files f
# Access rules defined as customisable ACLs
All Gitano commands consult ACLs written in [lace][] to determine whether the operation is permitted.
+Existing git operations have ACLs applied by a hook installed by Gitano.
This allows a Gitano administrator to define rules that permit delegation of roles to different users,
and if those roles are defined by group membership and the ability to add a user to a group is delegated
then the permission to grant permissions can also be delegated.
[lace]: https://www.gitano.org.uk/lace/
+
+# Maximally sandboxed hooks run in Lua
+
+In addition to installing hooks to provide ACL checking for git operations,
+these hooks will also run hooks written in Lua in a [supple][] sandbox,
+so it's safe to run semi-trusted code contributed by users
+for purposes such as notifying web services of a repository update.
+
+[supple]: https://www.gitano.org.uk/supple/