From: Derrick Stolee <derrickstolee@github.com>
To: Junio C Hamano <gitster@pobox.com>,
Derrick Stolee via GitGitGadget <gitgitgadget@gmail.com>
Cc: git@vger.kernel.org, me@ttaylorr.com, johannes.schindelin@gmx.de
Subject: Re: [PATCH 0/3] Updates to the safe.directory config option
Date: Wed, 13 Apr 2022 12:25:40 -0400 [thread overview]
Message-ID: <e8383303-e82c-dc23-9f28-6ff566021e82@github.com> (raw)
In-Reply-To: <xmqq35iharig.fsf@gitster.g>
On 4/13/2022 12:15 PM, Junio C Hamano wrote:
> "Derrick Stolee via GitGitGadget" <gitgitgadget@gmail.com> writes:
>
>> Here is a very fast response to the security release yesterday.
>
> Wow. While I were down the whole day yesterday after sending the
> release announcement, it seems a lot have happened X-<. Does your
> "a very fast" expect only "wow, thanks for a fast reponse", or does
> it also expect "ok, we'll take a deep look with a spoonful of salt
> as it was prepared in haste"?
I tried to do my due diligence here, but I will admit to some amount
of haste being applied due to the many distinct sources that have
motivated the change.
>> The second patch here is an adaptation from a contributor who created a pull
>> request against git/git [1]. I augmented the patch with a test (the test
>> infrastructure is added in patch 1).
>>
>> The third patch is a change to the safe.directory config option to include a
>> possible "*" value to completely opt-out of the check. This will be
>> particularly helpful for cases where users run Git commands within a
>> container. This container workflow always runs as a different user than the
>> host, but also the container does not have access to the host's system or
>> global config files. It's also helpful for users who don't want to set the
>> config for a large number of shared repositories [2].
>
> Let me take a look how well these integrate into the maintenance
> tracks.
>
> I would appreciate something that is targetted and narrow that can
> be applied to the oldest maintenance track (2.30.3) and then merged
> upwards, plus niceties on top that does not necessarily have to
> apply to the oldest ones if the surrounding code or tests were
> changed more recently.
The tests that are added are in a new test file, so hopefully
those don't collide with anything.
The changes in setup.c apply within the ensure_valid_ownership()
so should apply to any versions that have the fix.
Thanks,
-Stolee
next prev parent reply other threads:[~2022-04-13 16:25 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-13 15:32 [PATCH 0/3] Updates to the safe.directory config option Derrick Stolee via GitGitGadget
2022-04-13 15:32 ` [PATCH 1/3] t0033: add tests for safe.directory Derrick Stolee via GitGitGadget
2022-04-13 16:24 ` Junio C Hamano
2022-04-13 16:29 ` Derrick Stolee
2022-04-13 19:16 ` Ævar Arnfjörð Bjarmason
2022-04-13 19:46 ` Junio C Hamano
2022-04-13 19:52 ` Derrick Stolee
2022-04-13 15:32 ` [PATCH 2/3] setup: fix safe.directory key not being checked Matheus Valadares via GitGitGadget
2022-04-13 16:34 ` Junio C Hamano
2022-04-13 15:32 ` [PATCH 3/3] setup: opt-out of check with safe.directory=* Derrick Stolee via GitGitGadget
2022-04-13 16:40 ` Junio C Hamano
2022-04-13 16:15 ` [PATCH 0/3] Updates to the safe.directory config option Junio C Hamano
2022-04-13 16:25 ` Derrick Stolee [this message]
2022-04-13 16:44 ` Junio C Hamano
2022-04-13 20:27 ` Junio C Hamano
2022-04-13 21:25 ` Taylor Blau
2022-04-13 21:45 ` Junio C Hamano
2022-04-27 17:06 ` [PATCH 0/3] t0033-safe-directory: test improvements and a documentation clarification SZEDER Gábor
2022-04-27 17:06 ` [PATCH 1/3] t0033-safe-directory: check the error message without matching the trash dir SZEDER Gábor
2022-05-09 22:27 ` Taylor Blau
2022-05-10 6:04 ` Carlo Marcelo Arenas Belón
2022-04-27 17:06 ` [PATCH 2/3] t0033-safe-directory: check when 'safe.directory' is ignored SZEDER Gábor
2022-04-27 20:37 ` Junio C Hamano
2022-04-29 16:12 ` Derrick Stolee
2022-04-29 17:57 ` Junio C Hamano
2022-04-29 19:06 ` SZEDER Gábor
2022-04-29 19:19 ` Derrick Stolee
2022-05-10 18:33 ` SZEDER Gábor
2022-05-10 19:55 ` Taylor Blau
2022-05-10 20:06 ` Carlo Marcelo Arenas Belón
2022-05-10 20:11 ` Taylor Blau
2022-05-10 20:18 ` Eric Sunshine
2022-04-27 17:06 ` [PATCH 3/3] safe.directory: document and check that it's ignored in the environment SZEDER Gábor
2022-04-27 20:42 ` Junio C Hamano
2022-04-27 20:49 ` Junio C Hamano
2022-04-29 16:13 ` Derrick Stolee
2022-05-09 21:39 ` SZEDER Gábor
2022-05-09 21:45 ` Junio C Hamano
2022-05-10 18:48 ` SZEDER Gábor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e8383303-e82c-dc23-9f28-6ff566021e82@github.com \
--to=derrickstolee@github.com \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=gitster@pobox.com \
--cc=johannes.schindelin@gmx.de \
--cc=me@ttaylorr.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.