<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jan 7, 2014 at 9:53 PM, Yan Zhu <span dir="ltr"><<a href="mailto:yan@eff.org" target="_blank">yan@eff.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div id=":gf" style="overflow:hidden">In theory this is a fine idea, but I'm not a sysadmin and EFF's tech<br>
ops team is already overloaded with work as is. Having said that, if<br>
you or another volunteer wants to set up a server to do this, I would<br>
have no objections. :)</div></blockquote></div><br></div><div class="gmail_extra"><br></div><div class="gmail_extra">Well, technically, if the javascript-git-in-the-extension idea is acceptable, you don't need a server: all is needed is a new git repository on a pre-existing server (<i><a href="https://git.torproject.org/https-everywhere-rules.git">https://git.torproject.org/https-everywhere-rules.git</a></i> <i>?</i>) that goes with the the https-everywhere-rules mailing list.<br>
<br>It should be "write only", of course, meaning that everybody can write to is but only a few chosen ruleset reviewers can read from it (otherwise, you'll find your repository being used as a spam distribution point / file storage website in a couple hours or less).<br>
<br>The reviewers can then easily review commits (via authenticated GitWeb or by manually pulling the repo) and replace the "take the attachment, review it, put it in the folder, commit" procedure with a "git merge".<br>
<br>This way, you don't actually have to worry about the server monitoring you (assuming <a href="http://git.torproject.org">git.torproject.org</a> doesn't store that many logs :P In any case, a warning is always good).<br>
As for the server protection, I can't speak for D[d]oS prevention, but git+write only repo should be safe against server code injection and XSS.<br><br></div><div class="gmail_extra">That's all!<br><br></div><div class="gmail_extra">
Best regards,<br></div><div class="gmail_extra"><br>Claudio<br></div></div>