0

We want to restrict my developer to upload our own project to their own repository.

Dave M
  • 4,494
  • 21
  • 30
  • 30
user3136863
  • 1
  • 1
  • 4
    You can't. If you provide them access to the code, you can't control what they do with it. – Gerald Schneider Mar 17 '20 at 12:53
  • Is there any option available at enterprise edition?. We want to avoid data leakage from our network to out side the world via git ?. – user3136863 Mar 17 '20 at 13:20
  • 1
    No. That is part of git's distributed nature. You can't enforce permissions on an arbitrary replicating system. – fuero Mar 17 '20 at 13:29
  • @fuero what is the best way to secure my project within the origanization? .2). And how can i restrict private login using his own id inside the organization? 3).Can i restrict his login if we use Oauth login method? – user3136863 Mar 17 '20 at 13:32
  • 3
    You're still not getting it. They can copy all that source code into a `.zip` file and email it somewhere, or upload it to Facebook, or any number of other ways. There's no iron-clad technological solution here; hire vetted people, take good care of them, and if they violate that trust, it's time to get a lawyer. – ceejayoz Mar 17 '20 at 13:43

1 Answers1

2

Git is a distributed version control system. It's core concept is that you (as a developer) have a complete copy of the code on your system you may synchronize to several sources (aka remotes) to facilitate cooperation - or even send around patches via e-mail (as the Linux kernel devs do).

In the simplest case, this is another computer you connect to with SSH and has a so-called bare copy (consult the docs on that).

Whatever git hosting solutions are available take care of:

  • offering different access protocols (HTTP(S), GIT)
  • handling authorization and authentication
  • other fancy things like issue tracking, kanban boards, whatever.

The point here is that permissions and users only exist on the server side. Once you have the repo or branch(es) cloned to your computer, no way to enforce permissions exists. And even if there were, good luck restricting the user from passing on a ZIP file of the cloned copy.

Your only recourse here is, as @ceejayoz put it:

There's no iron-clad technological solution here; hire vetted people, take good care of them, and if they violate that trust, it's time to get a lawyer.

fuero
  • 9,413
  • 1
  • 35
  • 40