Gitolite is an access control layer on top of git, which allows access control
down to the branch level, including specifying who can and cannot rewind a
Gitolite lets you use a single user on a server to host many git repositories
and provide access to many developers, without having to give them real
userids on or shell access to the server. Authentication is most commonly done
using sshd, but you can also use httpd if you prefer.
Gitolite can restrict who can read from (clone/fetch) or write to (push) a
repository. It can also restrict who can push to what branch or tag, which is
very important in a corporate environment.