Package: git-core
Version: 1:1.5.6.5-3+lenny2
Severity: minor
Tags: patch

On a machine where I have an automounter for user homes (mounted in
/users/huron), I observed lots of syslog traces such as:
Jul 30 12:22:29 navajo automount[8371]: failed to mount /users/huron/.git
Jul 30 12:22:29 navajo automount[8372]: failed to mount /users/huron/.git
Jul 30 12:22:29 navajo automount[8373]: failed to mount /users/huron/objects
  It took me a while to find the culprit (I was thinking of a bad user
configuration at first). In fact, anyone sourcing /etc/bash_completion
(and so sourcing /etc/bash_completion.d/git) triggers these logs. A few tests
later, I see that it comes from the "git help -a" invocation.

  I do not know if "git help" needs to check whether it is in a git
(sub)directory, but it is not needed during the autocompletion setup.
It can be easily avoided by adding, for example, a --git-dir option in the
autocompletion file. For example:
        for i in $(git --git-dir /dev/null help -a|egrep '^ ')
instead of
        for i in $(git help -a|egrep '^ ')


  I'm also curious about security implications. Would it be possible for a
malicious user to create /tmp/.git and/or /tmp/objects and trap (by setting
up plugins, ...) anyone typing "git help" (or another git command) in a
subdirectory of /tmp? It is an open question here, I do not know at all (this
is why I left the severity at minor for this bug).

  Regards,
    Vincent

-- System Information:
Debian Release: 5.0.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages git-core depends on:
ii  libc6                  2.7-18            GNU C Library: Shared libraries
ii  libcurl3-gnutls        7.18.2-8lenny2    Multi-protocol file transfer libra
ii  libdigest-sha1-perl    2.11-2+b1         NIST SHA-1 message digest algorith
ii  liberror-perl          0.17-1            Perl module for error/exception ha
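
The security question in the report comes down to who owns a `.git` or `objects` entry found while walking up from the current directory. The following is an added example, not part of the original report and not git's own code: it lists those entries in every ancestor directory and flags the ones not owned by a trusted uid. The function names are hypothetical, and the two entry names are taken from the log lines in the report.

```shell
#!/bin/sh
# Added example: audit ancestor directories for repository-like entries
# owned by someone else. All function names here are hypothetical.

# Print the numeric owner uid of a path using only POSIX ls and awk.
owner_uid() {
    ls -ldn -- "$1" | awk '{print $3}'
}

# Walk from directory $1 up to /, printing "<uid> <path>" for every
# "<ancestor>/.git" or "<ancestor>/objects" entry that exists.
# These are the two names the automounter was asked for in the log.
probed_entries() {
    dir=$(cd -- "$1" && pwd -P) || return 1
    while :; do
        for name in .git objects; do
            entry="${dir%/}/$name"
            if [ -e "$entry" ]; then
                printf '%s %s\n' "$(owner_uid "$entry")" "$entry"
            fi
        done
        [ "$dir" = "/" ] && break
        dir=$(dirname -- "$dir")
    done
}

# Print only the entries whose owner differs from uid $2
# (default: the uid of the caller).
foreign_entries() {
    trusted=${2:-$(id -u)}
    probed_entries "$1" |
        awk -v u="$trusted" '$1 != u { sub(/^[0-9]+ /, ""); print }'
}
```

Running `foreign_entries "$PWD"` in a shared location such as a subdirectory of /tmp prints nothing when no ancestor carries an entry owned by another account.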


