Bert Wesarg <> writes:

> +             switch 
> (safe_create_leading_directories_const(output_directory)) {
> +             case SCLD_OK:
> +             case SCLD_EXISTS:
> +                     break;
> +             default:
> +                     die(_("could not create leading directories "
> +                           "of '%s'"), output_directory);
> +             }
>               if (mkdir(output_directory, 0777) < 0 && errno != EEXIST)
>                       die_errno(_("could not create directory '%s'"),
>                                 output_directory);
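
Review bot: the added safe_create_leading_directories_const(output_directory) call takes no mode argument, while the mkdir() just below it passes 0777 and so leaves the final component to the caller's umask. The permissions of the intermediate directories are therefore decided inside the helper, not at this call site. Please confirm that the helper applies the same umask-only policy to a user-chosen output path, or create the parents with plain mkdir(..., 0777) as well. Separately, the default: branch calls die() where the mkdir() failure path calls die_errno(), so if errno is meaningful on that path the reason for the failure is dropped from the message.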

There is a slight discrepancy here in that mkdir(..., 0777) is to
honor the umask setting of the user who is running the command and
does not care about anybody else being able to (or unable to) access
the resulting directory.  On the other hand, s-c-l-d is (as you can
guess from the location the function is defined, sha1-file.c) meant
to be used to create hierarchy _inside_ $GIT_DIR/ in such a way that
anybody who needs to access the repository can access it (via
core.sharedrepository config).

I do not think it matters too much in practice, but

        $ git format-patch -o $HOME/my/patch/depot

that creates intermediate levels that can be writable by other
users, only because the repository you took the patches from was
shared with other users, may probably be seen as a security bug.
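
Added example (not part of the original message and not git's code): a minimal C illustration of the discrepancy described above, showing leading directories created with plain mkdir(0777) under the caller's umask next to a variant that widens group access afterwards. `create_leading_dirs`, its `widen_group` flag and `mode_of` are hypothetical names, and the widening branch is a simplified stand-in for a shared-repository permission policy.

```c
/* Added illustration; not git's code. All names here are hypothetical. */
#include <errno.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/*
 * Create every leading directory of `path`, but not its last component.
 * widen_group == 0: plain mkdir(0777); the caller's umask alone decides.
 * widen_group != 0: constructed stand-in for a shared-repository policy
 *                   that adds group rwx after creation, ignoring umask.
 * Returns 0 on success, -1 on failure with errno set.
 */
int create_leading_dirs(const char *path, int widen_group)
{
	char buf[4096];
	size_t len = strlen(path);
	struct stat st;
	char *p;

	if (len == 0 || len >= sizeof(buf)) {
		errno = EINVAL;
		return -1;
	}
	memcpy(buf, path, len + 1);
	for (p = buf + 1; *p; p++) {
		if (*p != '/')
			continue;
		*p = '\0';
		if (mkdir(buf, 0777) < 0) {
			/* EEXIST: keep the existing directory as it is. */
			if (errno != EEXIST)
				return -1;
		} else if (widen_group &&
			   (stat(buf, &st) < 0 ||
			    chmod(buf, (st.st_mode & 07777) | S_IRWXG) < 0)) {
			return -1;
		}
		*p = '/';
	}
	return 0;
}

/* Permission bits of `path`, or -1 if it cannot be stat'ed. */
int mode_of(const char *path)
{
	struct stat st;

	return stat(path, &st) < 0 ? -1 : (int)(st.st_mode & 07777);
}
```

With umask 022, the intermediate directories come out as 0755 in the umask-only case and 0775 in the widened case, which is the difference the reply is pointing at.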
