Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Whats is the certificate that verify the local git users on bitbucket?

crynof
crynof July 23, 2019

Hi!, i have a question about bitbucket permissions.

I have an account "A" with a mail "a@mail.com" thats is a owner of one repository.
Then i invite an other person named "B" with mail "b@mail.com" and i set at developer.

If i am A, and clone on my PC this repository and set my name and mail with git -config, can i make commits and push.

If i change the git config with B name and mail and i try to commit and push, i can and this is showed in commit line on repository.

If i change again to new C user and mail and try to commit and push, i can also still withous has been seted on Bitbucket like developer.

How can i to restrict commit and push pemision on bitbucket?

Whats is the certificate that verify if the local user preconfigured on git  belong to git repository access permision on bitbucket?

21.png


Thanks!

 

Answer
Watch
Like Be the first to like this
276 views

1 answer

1 accepted

1 vote
Answer accepted
Daniil Penkin
Daniil Penkin
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 23, 2019

Hello @crynof,

Bitbucket Cloud indeed doesn't verify committers, repository permissions are applied to the pusher. And yes, at the moment you can kind of trick anyone browsing your repo by changing you local git configuration. There's a related setting to map unresolved git users to Bitbucket users, see this page.

Unfortunately, Bitbucket Cloud doesn't yet support committer verification nor signed commits.

Let me know if you have any questions.

Cheers,
Daniil

View More Comments
crynof
crynof July 24, 2019

Many Thanks Daniil, i understand, then i will to take care that who have access to repository, to avoid indesired pushs.

Cheers

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events