From: Junio C Hamano <gitster@pobox.com>
To: Matt McCutchen <matt@mattmccutchen.net>
Cc: git@vger.kernel.org, Jeff King <peff@peff.net>
Subject: Re: [PATCH] fetch/push: document that private data can be leaked
Date: Sun, 13 Nov 2016 18:57:07 -0800 [thread overview]
Message-ID: <xmqq1syezs3g.fsf@gitster.mtv.corp.google.com> (raw)
In-Reply-To: <1479001205.3471.1.camel@mattmccutchen.net> (Matt McCutchen's message of "Sat, 12 Nov 2016 20:25:55 -0500")
Matt McCutchen <matt@mattmccutchen.net> writes:
> Documentation/fetch-push-security.txt | 9 +++++++++
A new (consolidated) piece like this that can be included in
multiple places is a good idea. I wonder if the original
description in "namespaces" thing can be moved here and then
"namespaces" page can be made to also borrow from this?
> Documentation/git-fetch.txt | 2 ++
> Documentation/git-pull.txt | 2 ++
> Documentation/git-push.txt | 2 ++
> 4 files changed, 15 insertions(+)
> create mode 100644 Documentation/fetch-push-security.txt
>
> diff --git a/Documentation/fetch-push-security.txt b/Documentation/fetch-push-security.txt
> new file mode 100644
> index 0000000..00944ed
> --- /dev/null
> +++ b/Documentation/fetch-push-security.txt
> @@ -0,0 +1,9 @@
> +SECURITY
> +--------
> +The fetch and push protocols are not designed to prevent a malicious
> +server from stealing data from your repository that you did not intend to
> +share. The possible attacks are similar to the ones described in the
> +"SECURITY" section of linkgit:gitnamespaces[7]. If you have private data
> +that you need to protect from the server, keep it in a separate
> +repository.
Yup, and then "do not push to untrustworthy place without checking
what you are pushing", too?
> diff --git a/Documentation/git-fetch.txt b/Documentation/git-fetch.txt
> diff --git a/Documentation/git-pull.txt b/Documentation/git-pull.txt
> diff --git a/Documentation/git-push.txt b/Documentation/git-push.txt
These three look sensible.
next prev parent reply other threads:[~2016-11-14 2:57 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-28 21:39 Fetch/push lets a malicious server steal the targets of "have" lines Matt McCutchen
2016-10-28 22:00 ` Junio C Hamano
2016-10-28 22:16 ` Matt McCutchen
2016-10-29 1:11 ` Junio C Hamano
2016-10-29 3:33 ` Matt McCutchen
2016-10-29 13:39 ` Jeff King
2016-10-29 16:08 ` Matt McCutchen
2016-10-29 19:10 ` Jeff King
2016-10-30 7:53 ` Junio C Hamano
2016-11-13 1:25 ` [PATCH] fetch/push: document that private data can be leaked Matt McCutchen
2016-11-14 2:57 ` Junio C Hamano [this message]
2016-11-14 18:28 ` Matt McCutchen
2016-11-14 18:20 ` [PATCH] doc: mention transfer data leaks in more places Matt McCutchen
2016-11-14 19:19 ` Junio C Hamano
2016-11-14 19:00 ` [PATCH] fetch/push: document that private data can be leaked Junio C Hamano
2016-11-14 19:07 ` Jeff King
2016-11-14 19:47 ` Junio C Hamano
2016-11-14 19:08 ` Matt McCutchen
[not found] ` <CAPc5daVOxmowdiTU3ScFv6c_BRVEJ+G92gx_AmmKnR-WxUKv-Q@mail.gmail.com>
2016-10-29 16:07 ` Fetch/push lets a malicious server steal the targets of "have" lines Matt McCutchen
2016-10-30 8:03 ` Junio C Hamano
2016-11-13 2:10 ` Matt McCutchen
2016-10-29 17:38 ` Jon Loeliger
2016-10-30 8:16 ` Junio C Hamano
2016-11-13 2:44 ` Matt McCutchen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq1syezs3g.fsf@gitster.mtv.corp.google.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=matt@mattmccutchen.net \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.