Re: Bug: git config does not respect read-only .gitconfig file

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: Jonathan Word <argoday@argoday.com>,
	Markus Hitter <mah@jump-ing.de>,
	git@vger.kernel.org, jword@bloomberg.net
Subject: Re: Bug: git config does not respect read-only .gitconfig file
Date: Tue, 08 Nov 2016 17:22:52 -0800	[thread overview]
Message-ID: <xmqqk2cdbg5v.fsf@gitster.mtv.corp.google.com> (raw)
In-Reply-To: <20161108200110.zvqdm2nlu5zxfyv5@sigill.intra.peff.net> (Jeff King's message of "Tue, 8 Nov 2016 15:01:10 -0500")

Jeff King <peff@peff.net> writes:

> Probably converting "rename(from, to)" to first check "access(to,
> W_OK)". That's racy, but it's the best we could do.

Hmph, if these (possibly problematic) callers are all following the
usual "lock, write to temp, rename" pattern, perhaps the lock_file()
function can have access(path, W_OK) check before it returns a
tempfile that has been successfully opened?

Having said that, I share your assessment that this is not a code or
design problem.  It is unreasonable to drop the write-enable bit of
a file in a writable directory and expect it to stay unmodified. The
W-bit on the file is not usable as a security measure, and we do not
use it as such.

I do not offhand know how much a new feature "this repository can be
modified by pushing into and fetching from, but its configuration
cannot be modified" is a sensible thing to have.  But it is quite
clear that even if we were to implement such feature, we wouldn't be
using W-bit on .git/config to signal that.

next prev parent reply	other threads:[~2016-11-09  1:23 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-11-08 15:22 Bug: git config does not respect read-only .gitconfig file Jonathan Word
2016-11-08 16:49 ` Markus Hitter
2016-11-08 17:18   ` Jonathan Word
2016-11-08 20:01     ` Jeff King
2016-11-09  1:22       ` Junio C Hamano [this message]
2016-11-09  3:34         ` Jeff King
2016-11-09 13:51         ` Jonathan Word

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=xmqqk2cdbg5v.fsf@gitster.mtv.corp.google.com \
    --to=gitster@pobox.com \
    --cc=argoday@argoday.com \
    --cc=git@vger.kernel.org \
    --cc=jword@bloomberg.net \
    --cc=mah@jump-ing.de \
    --cc=peff@peff.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.