From: Junio C Hamano <gitster@pobox.com>
To: Rasmus Villemoes <rv@rasmusvillemoes.dk>
Cc: git <git@vger.kernel.org>, Jeff King <peff@peff.net>,
	Joe Perches <joe@perches.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: Re: [RFC/PATCH 1/2] config: Add safe-include directive
Date: Mon, 06 Oct 2014 10:58:36 -0700
Message-ID: <xmqq7g0djd0z.fsf@gitster.dls.corp.google.com>
In-Reply-To: <878uktwnqs.fsf@rasmusvillemoes.dk> (Rasmus Villemoes's message of "Mon, 06 Oct 2014 11:28:43 +0200")

Rasmus Villemoes <rv@rasmusvillemoes.dk> writes:

> Junio C Hamano <gitster@pobox.com> wrote:
>
>> (by the way, we do not do dashes in names for configuration by
>> convention)
>
> OK. Actually, I now think I'd prefer a subsection [include "safe"], but
> I don't have any strong preferences regarding the names.

I think Peff mentioned something about having the second level
between include and path, so I'll defer it to him.

>> That syntax _could_ be just a relative path (e.g. project.gitconfig names
>> the file with that name at the top-level of the working tree), and if we are
>> to do so, we should forbid any relative path that escapes from the working
>> tree (e.g. ../project.gitconfig is forbidden, but down/down/../../.gitconfig
>> could be OK as it is the same as .gitconfig). For that matter, anything with
>> /./ and /../ in it can safely be forbidden without losing functionality.
>
> I agree that it would be most useful to interpret relative paths as
> being relative to the working tree. I'm not sure what would be gained by
> checking for ./ and ../ components, a symlink could easily be used to
> circumvent that.

If the "limit to the working tree" is the reason to suggest a
relative path to be taken as relative to the working tree, which my
suggestion clearly was, the reader should be intelligent enough to
infer that an implementation working in that mode should make sure
symlinks and any other means do not step outside it.

And as you noticed that, you apparently are ;-)

> One might (ab)use the feature to only use some settings from a global
> file, e.g.
>
> [include "safe"]
>     whitelist = !foo.*
>     path = ~/extra.gitconfig

You do not have to write something you do not want to use in your
own ~/extra.gitconfig that is under your $HOME/, so I'd prefer to
explicitly forbid such a use case at least in the beginning.
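
The containment rule discussed in this message, as an added example that is not part of the original mail and not git's code: a relative include path is resolved against the working tree and refused if `..` components or a symlink take it outside. The names `include_path_is_contained` and `make_fixture` and the temporary directory layout are assumptions made for the illustration.

```c
#define _XOPEN_SOURCE 700	/* realpath(), mkdtemp(), symlink() */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
/* Hypothetical helper, not git's code: 1 only if `rel`, relative to `worktree`,
 * exists and is still inside it once every ".." and symlink is resolved. */
int include_path_is_contained(const char *worktree, const char *rel)
{
	char root[PATH_MAX], joined[2 * PATH_MAX], real[PATH_MAX];
	size_t n;
	/* refuse absolute and ~ paths; realpath() follows symlinks, folds ".." */
	if (rel[0] == '/' || rel[0] == '~' || !realpath(worktree, root) ||
	    snprintf(joined, sizeof(joined), "%s/%s", root, rel) >= (int)sizeof(joined) ||
	    !realpath(joined, real))
		return 0;
	n = strlen(root);
	/* prefix must end on a component boundary: /wt must not match /wt-evil */
	return !strncmp(real, root, n) && real[n] == '/';
}

/* Constructed fixture: <tmp>/wt is the working tree, a same-named file sits
 * just outside it, and wt/link.gitconfig is a symlink to that outside file. */
int make_fixture(char *wt, size_t len)
{
	char base[] = "/tmp/safe-include-XXXXXX";
	FILE *in, *out;
	if (!mkdtemp(base) || chdir(base) || mkdir("wt", 0700) ||
	    mkdir("wt/down", 0700) || mkdir("wt/down/down", 0700) ||
	    !(out = fopen("project.gitconfig", "w")) ||
	    !(in = fopen("wt/project.gitconfig", "w")) ||
	    symlink("../project.gitconfig", "wt/link.gitconfig"))
		return -1;
	fclose(in); fclose(out);
	return snprintf(wt, len, "%s/wt", base) < (int)len ? 0 : -1;
}

int main(void)
{
	const char *rel[] = { "project.gitconfig", "down/down/../../project.gitconfig",
			      "../project.gitconfig", "link.gitconfig" };
	char wt[PATH_MAX];
	if (make_fixture(wt, sizeof(wt)))
		return 1;
	for (int i = 0; i < 4; i++)	/* prints 1 = allowed, 0 = refused */
		printf("%-34s %d\n", rel[i], include_path_is_contained(wt, rel[i]));
	return 0;
}
```

The check is only as good as the moment it runs: a caller that opens the file afterwards by its original name can still race against a swapped symlink, so the resolved path is the one to open.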
