1

Many online Git hosting services (such as GitHub and GitLab) allow you to 'protect' certain branches so that only project administrators can modify them.

The purpose of this is to allow non-admin contributors to work in other branches without risking the production code sitting in master.

The problem with this is that the only thing protecting the master branch from being modified by non-admin contributors is some arbitrary/non-standard setting in the web control panel for whatever Git hosting service I am using.

Is there a way that the security of this system could be improved? For example by being backed by some form of proper authentication or cryptography?

jamieweb
  • 435
  • 1
  • 3
  • 11
  • 1
    https://stackoverflow.com/questions/8781240/a-way-to-restrict-git-branch-access – avicoder Oct 03 '18 at 08:11
  • 2
    I'm just reiterating what Theophany said (hence the comment), but: there isn't really anything for this built into git. As a result, the only option is by using whatever non-standard settings your git hosting service provides. There isn't too much to worry about though because they are able to fully control access to your repository since they are hosting it, so they are fully capable of enforcing their rules. Technically they might have a bug that allowed someone to circumvent the access controls, but there are plenty of threat vectors that I would worry about before that one. – Conor Mancone Oct 03 '18 at 12:53
  • encrypted code is useless for a repo, there's no way to diff it, search it, etc... – dandavis Oct 03 '18 at 16:28
  • @dossi Thanks for the link, that has some really good answers. I think that the route I'm going to take is having separate repositories as the 'branches' rather than proper branches within the same repo. This solution is also independent of the hosting service, which is good. – jamieweb Oct 05 '18 at 01:33
  • @dandavis I was meaning some form of integrity checking or signing, although in many cases encryption could provide this too. – jamieweb Oct 05 '18 at 01:36
  • 1
    @jamieweb: we use GIT's sub-modules feature to do something like that, it lets us integrate a little better than silo'd separate repos, but retains many separate-repo advantages, ex: external resources with different perms. Anyway, if you're looking into external repos, sub modules is a good way to make that slightly more seamless... – dandavis Oct 05 '18 at 06:27

1 Answers1

2

I believe Git doesn't have any authentication related features except providing your credentials to the hosting service you are using when you try to push.

That's why the option to "protect" a branch is relying on the hosting service and is implemented differently from one service to another.

The security of this system depends on the security of the hosting service itself.

CheddarLizzard
  • 222
  • 1
  • 2
  • 9