72
73
74
75
76
77
78
|
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
+
+
+
+
+
+
+
+
+
+
+
+
+
+
|
are still taking up space in the unversioned content table of the
server repository. To purge the obsolete build products, one or
more [/help?cmd=uv|fossil uv rm] commands are run, followed by
another [/help?cmd=uv|fossil uv sync]. It is important to purge
obsolete build products since they take up a lot of space.
At [/repo-tabsize] you can see that the unversioned table takes up
a substantial fraction of the repository.
<h2>3.0 Security</h2>
Only users with the [/setup_ulist_notes|"y" permission] are allowed
to push unversioned content up to the servers. Having the ability
to push check-ins (the [/setup_ulist_notes|"i" permission]) is not
sufficient.
On the Fossil project there are 67 people (as of 2017-03-24) who have
check-in privileges. But only 3 people (Richard Hipp, Dan Kennedy,
and Joe Mishtachkin) have the ability push unversioned content and thus
change the build products on the download page. Minimizing the number
of people who can change the build products helps to ensure that
rogue binaries do not slip onto the download page unnoticed.
|