Re: [PATCH 0/2] Don't make $GIT_DIR executable
On 11/15/2014 08:50 AM, Eric Wong wrote: Michael Haggerty mhag...@alum.mit.edu wrote: Michael Haggerty (2): create_default_files(): don't set u+x bit on $GIT_DIR/config config: clear the executable bits (if any) on $GIT_DIR/config Thanks, I should've noticed this earlier :x Tested-by: Eric Wong normalper...@yhbt.net Since the damage is done, perhaps removing +x from $GIT_DIR/config on _any_ git operation would be appropriate. I believe that the u+x bit on the config file should be pretty harmless. Nobody is likely to try to execute their config files, and even if they do, the file contents are unlikely to resemble a script enough to do anything bad. So my feeling is that it is unnecessary to make every git invocation try to remove the u+x bit on the file. Thus I'd rather skip the code clutter and extra system call, limiting cleanup attempts to when the config file is being rewritten anyway. But if other people are more alarmed than I am about having executable config files, I could certainly be persuaded that the extra effort is justified. Michael -- Michael Haggerty mhag...@alum.mit.edu -- To unsubscribe from this list: send the line unsubscribe git in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 0/2] Don't make $GIT_DIR executable
Starting with v2.1.0, git init creates $GIT_DIR/config with its u+x bit set. These two patches are belt and suspenders--either one would fix the bug, but IMO it makes sense to apply both of them. Plus, the second patch will help repair repositories that were created while this bug was in the wild. I think these patches should go into maint. They apply cleanly there. When merging forward to master, there are two conflicts in config.c which can be resolved by s/lock-filename/lock-filename.buf/ in two places. Michael Haggerty (2): create_default_files(): don't set u+x bit on $GIT_DIR/config config: clear the executable bits (if any) on $GIT_DIR/config builtin/init-db.c | 1 + config.c | 12 ++-- 2 files changed, 11 insertions(+), 2 deletions(-) -- 2.1.1 -- To unsubscribe from this list: send the line unsubscribe git in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 0/2] Don't make $GIT_DIR executable
Michael Haggerty mhag...@alum.mit.edu wrote: Michael Haggerty (2): create_default_files(): don't set u+x bit on $GIT_DIR/config config: clear the executable bits (if any) on $GIT_DIR/config Thanks, I should've noticed this earlier :x Tested-by: Eric Wong normalper...@yhbt.net Since the damage is done, perhaps removing +x from $GIT_DIR/config on _any_ git operation would be appropriate. -- To unsubscribe from this list: send the line unsubscribe git in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
