 

Stop users committing to git as wrong user

I'm using git and Codebase for a project.

I just did a test and I'm able to commit to the git repository with a different email address and name set which causes it to tag the commit as being by a different user. I pushed this to the repository and it showed up as that user having committed even though it was me.

Is there a way to prevent users from committing or pushing with someone else's user details (effectively so they can't "forge" commits as being from a different user)?

Edit:

I assume this authentication would need to happen at the stage of pushing commits to the server since in the local working copy it's simply a repository which the user has full access to, to do whatever they want with. Is this therefore something I should ask Codebase about maybe?

Edit 2:

Git config as requested:

(repo/.git/config)

[core]
    repositoryformatversion = 0
    filemode = true
    bare = false
    logallrefupdates = true
    ignorecase = true
[remote "origin"]
    fetch = +refs/heads/*:refs/remotes/origin/*
    url = [email protected]:<redacted company name>/<redacted project name>/test.git
[branch "master"]
    remote = origin
    merge = refs/heads/master
Richard asked Nov 23 '11 12:11



1 Answer

Oops: While this is a valid technique, it assumes you have effectively full control over the server. If you're using a hosted solution all bets are off.

You can validate the author name and email in the repository's update hook. You can get both values like this:

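#!/bin/sh
# update hook arguments: <refname> <old sha1> <new sha1>
refname="$1"
sha1_old="$2"
sha1_new="$3"
# -1 limits the output to the pushed tip commit itself
author_name=$(git log -1 --pretty=format:%an "$sha1_new")
author_email=$(git log -1 --pretty=format:%ae "$sha1_new")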

The trick, of course, is figuring out whether or not these are valid. Here's one trick:

You can use the command="" option in your ssh configuration to make a wrapper around git-receive-pack that maps ssh keys to author information. For example, something like this:

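#!/bin/sh
# Forced command: sshd runs this instead of the client's request, which it
# passes in SSH_ORIGINAL_COMMAND.

# Identity bound to the ssh key in authorized_keys
GV_AUTHOR_NAME="$1"
GV_AUTHOR_EMAIL="$2"

export GV_AUTHOR_EMAIL GV_AUTHOR_NAME
# Runs whatever command the client requested, e.g. git-receive-pack '<repo>'
eval exec "$SSH_ORIGINAL_COMMAND"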

And you would use an authorized_keys line something like this:

command="~/bin/gitvalidator 'Lars Kellogg-Stedman' '[email protected]'" ssh-rsa ...

The result of all this is that your update script would have the environment variables GV_AUTHOR_NAME and GV_AUTHOR_EMAIL available, and could check these against the commit and exit with an error if they didn't match.

larsks answered Oct 18 '22 18:10
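The update-hook check the answer describes, written out as an added example (not code from the original post): it compares the author of every newly pushed commit, not only the tip, against GV_AUTHOR_NAME and GV_AUTHOR_EMAIL. The function names find_forged, is_null and check_update are made up for this example, and rejecting the push when the two variables are unset is an assumption of the example.

```shell
#!/bin/sh
# Added example: update hook. GV_AUTHOR_NAME and GV_AUTHOR_EMAIL are expected
# to be exported by the ssh forced-command wrapper described in the answer.

# Read "sha<US>author name<US>author email" records on stdin (US = 0x1f) and
# print the sha of every commit whose author is not the expected identity.
# Returns 1 if any commit mismatched, 0 otherwise.
find_forged() {
    expected_name=$1
    expected_email=$2
    bad=0
    us=$(printf '\037')
    while IFS=$us read -r sha name email; do
        [ -n "$sha" ] || continue
        if [ "$name" != "$expected_name" ] || [ "$email" != "$expected_email" ]; then
            printf '%s\n' "$sha"
            bad=1
        fi
    done
    return "$bad"
}

# True when the argument is the all-zero object id git uses for "no commit".
is_null() { case $1 in *[!0]*) return 1 ;; *) return 0 ;; esac; }

# update hook arguments: <refname> <old sha> <new sha>
check_update() {
    old=$2
    new=$3
    if [ -z "$GV_AUTHOR_NAME" ] || [ -z "$GV_AUTHOR_EMAIL" ]; then
        echo "rejected: no identity mapped to this ssh key" >&2
        return 1                      # fail closed if the wrapper was bypassed
    fi
    is_null "$new" && return 0        # ref deletion: no new commits
    if is_null "$old"; then
        set -- "$new" --not --all     # new ref: commits not reachable from any ref
    else
        set -- "$old..$new"
    fi
    if ! forged=$(git log --format='%H%x1f%an%x1f%ae' "$@" | find_forged \
            "$GV_AUTHOR_NAME" "$GV_AUTHOR_EMAIL"); then
        echo "rejected: author is not $GV_AUTHOR_NAME <$GV_AUTHOR_EMAIL> in:" >&2
        echo "$forged" >&2
        return 1
    fi
}

# Run as a hook only when git passes the three update-hook arguments.
if [ "$#" -eq 3 ]; then check_update "$@"; exit $?; fi
```

Because it compares authors, a push that contains merged or cherry-picked commits written by someone else is rejected as well.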