[PULL][PATCH 0/1] Do setuid before git operations

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Jack (Szu-Chieh) Wang" <jackwa@google.com>
To: poky@lists.yoctoproject.org
Cc: Jack Wang <jackwa@google.com>, ryanoleary@google.com
Subject: [PULL][PATCH 0/1] Do setuid before git operations
Date: Fri, 13 May 2022 10:03:44 +0000	[thread overview]
Message-ID: <cover.1652432972.git.jackwa@google.com> (raw)

From: "Jack (Szu-Chieh) Wang" <jackwa@google.com>

/etc/build information missing is because the new git thinks it's
unsafe to do git operations if the directory has a different uid from
the executing process'. However, there are still cases that we are
building the image with a different uid, making git reporting false
alarms. This patch identifies the cases by attempting to setuid to the
owner of the git directory and if this works, it should be the
expected git repo thus safe to do git operations.

The following changes since commit 7b48f329aedc7fcb277302ba6ff167f22e5b1f22:

  scripts/autobuilder-worker-prereq-tests: add additional limit testing (2022-05-11 19:59:44 +0100)

are available in the Git repository at:

  git://git.yoctoproject.org/poky-contrib jackwang/setuid-before-git-op
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=jackwang/setuid-before-git-op

Jack Wang (1):
  Do setuid before git operations

 meta/classes/metadata_scm.bbclass | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

-- 
2.36.0.550.gb090851708-goog

next             reply	other threads:[~2022-05-13 10:03 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-05-13 10:03 Jack (Szu-Chieh) Wang [this message]
2022-05-13 10:04 ` [PATCH 1/1] Do setuid before git operations Jack (Szu-Chieh) Wang
2022-05-13 10:14 ` [poky] [PULL][PATCH 0/1] " Richard Purdie
2022-05-13 10:19   ` Jack (Szu-Chieh) Wang
2022-05-13 10:22     ` Richard Purdie
2022-05-13 10:48       ` Jack (Szu-Chieh) Wang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1652432972.git.jackwa@google.com \
    --to=jackwa@google.com \
    --cc=poky@lists.yoctoproject.org \
    --cc=ryanoleary@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.