Petr Ročkai <[email protected]> writes:
> If someone managed to create patches referring to files under _darcs
> (by removing that _darcs entry from their boring file), I can only
> assume that BAD THINGS would happen.

Out of curiosity, I simulated such an attack:

$ with-temp-dir
with-temp-dir: entering directory `/tmp/with-temp-dir.n5DiqN'
This directory will be deleted when you exit.
$ darcs init
$ date >x
$ darcs rec -qlamx x
Recording changes in "x":
Finished recording patch 'x'
$ darcs init --repo null
$ darcs send --dont-sign --dont-edit -aox.dpatch null
Creating patch to "/tmp/with-temp-dir.n5DiqN/null"...
Wrote patch to /tmp/with-temp-dir.n5DiqN/x.dpatch.
$ sed -i x.dpatch -e 's|./x|./_darcs/x|g' -e '/Patch bundle hash:/,$d'
$ darcs apply --repo null x.dpatch
darcs failed: Malicious path in patch:
./_darcs/x
If you are sure this is ok then you can run again with the
--dont-restrict-paths option.
_______________________________________________
darcs-users mailing list
[email protected]
http://lists.osuosl.org/mailman/listinfo/darcs-users
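
The refusal shown in the transcript can also be checked for before a bundle reaches `darcs apply`. The following is an added example, not part of the original message and not darcs's own code: the list of patch primitives, the function names and the case-insensitive comparison are assumptions, and the sample bundle is constructed.

```python
import re

# Patch primitives that name a path (assumed list; the message itself
# only shows paths of the form ./x and ./_darcs/x).
PATH_OPS = re.compile(
    r"^(hunk|addfile|rmfile|adddir|rmdir|binary|replace|move)\s+(.*)$")

def is_restricted(path):
    """True if a repo-relative path escapes the tree or enters _darcs."""
    if path.startswith("/"):
        return True
    parts = [p for p in path.split("/") if p not in ("", ".")]
    # casefold: on a case-insensitive filesystem _DARCS is the same directory
    return any(p == ".." or p.casefold() == "_darcs" for p in parts)

def restricted_paths(bundle_text):
    """Return (line_number, path) for every restricted path in the bundle."""
    hits = []
    for n, line in enumerate(bundle_text.splitlines(), 1):
        m = PATH_OPS.match(line)
        if not m:
            continue  # hunk content lines start with + or - and are skipped
        op, rest = m.groups()
        fields = rest.split()
        # move names two paths; every other primitive names one
        paths = fields[:2] if op == "move" else fields[:1]
        hits += [(n, p) for p in paths if is_restricted(p)]
    return hits

# Constructed sample modelled on the edited x.dpatch from the message.
SAMPLE = """\
[x
tester@example.invalid**20100101000000] {
addfile ./_darcs/x
hunk ./_darcs/x 1
+Fri Jan  1 00:00:00 UTC 2010
move ./a ./sub/../../b
addfile ./docs/_darcs.txt
}
"""

if __name__ == "__main__":
    for n, p in restricted_paths(SAMPLE):
        print(f"line {n}: restricted path {p}")
```

A file whose name merely contains the string, such as `./docs/_darcs.txt`, is not flagged; only a path component equal to `_darcs` or `..` is.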