I have some private repos. But i discovered that anyone can CLONE and PUSH my private repo by the URL without any authorization.
Do i miss some security options or this is a bug?
1 Like
Sounds more like you missed a configuration option. We’ve been using private repo’s for years and don’t have this problem. You need to check your configuration.
Or perhaps you are using Git on Windows which cache’s the auth credentials?
Which configuration will cause this? I test this issue on a new machine. I’m using gitlab.com for years, I don’t have this problem about private repo before.
Hi there @hardy_liu, did you finally find the solution?
I seem to have the same problem, I checked if by chance it depended on the presence of some SSH key, but it doesn’t depend on this…
So the repository is private and can be cloned by anyone!