git.vger.kernel.org archive mirror
From: Ryan Lortie <desrt@desrt.ca>
To: git@vger.kernel.org
Cc: Chris Packham <judge.packham@gmail.com>,
	Junio C Hamano <gitster@pobox.com>
Subject: git submodule: update=!command
Date: Tue, 17 Mar 2015 15:28:57 -0400	[thread overview]
Message-ID: <1426620537.1785877.241673949.72FB3B40@webmail.messagingengine.com>

karaj,

'man git-submodule' contains mention (in one place) that:

    Setting the key submodule.$name.update to !command
    will cause command to be run.

This is not documented in 'man gitmodules' (which documents the other
possible values for the 'update' key) nor in 'man git-config' which also
mentions the 'update' key (but refers readers to the two other pages).

This feature is scary.  The idea that arbitrary code could be executed
on my machine when I run innocent-looking git commands, based on the
content of the .gitmodules file is enough to give pause to anybody.

Fortunately, it seems that (for now?) this is not really the case.  'git
submodule init' will copy the values of the 'update' key from
.gitmodules to your local git config, but only if they are one of
"none", "checkout", "merge" or "rebase".

So, I guess I'm asking two things.

The first is a question about git's basic policy with respect to things
like this.  I hope that it's safe to assume that running 'git' commands
on repositories downloaded from potentially-hostile places will never
result in the authors of those repositories being able to run code on my
machine.

If that is true, then the second request would be to spell this out more
explicitly in the relevant documentation.  I'm happy to write a patch to
do that, if it is deemed appropriate.

Thanks in advance.

Cheers
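The claim above, that 'git submodule init' only carries an 'update' value
from .gitmodules into the local config when it is one of the four known
modes, is easy to check directly rather than by reading the source.  The
script below is an added example and not part of this thread or of git's
own test suite.  It builds a throwaway repository whose .gitmodules
(constructed here) asks for update = !touch pwned, registers a gitlink for
the submodule path with a placeholder commit id that is never
dereferenced, runs 'git submodule init', and reports what happened.  It
assumes git is on PATH; the submodule name "sub", the example URL and the
outcome labels are the example's own.

```shell
#!/bin/sh
# Probe: does a hostile .gitmodules get "submodule.<name>.update = !cmd"
# into the local repository config via "git submodule init"?
# Added example, not code from the thread.  Repository layout, submodule
# name "sub", the example URL and the placeholder commit id are constructed.

probe_update_mode_policy() {
    if ! command -v git >/dev/null 2>&1; then
        echo "skipped: git not installed"
        return 0
    fi
    tmp=$(mktemp -d) || return 1
    outcome=$(
        cd "$tmp" || exit 1
        # Isolate from the caller's own user/system git configuration.
        export HOME="$tmp" GIT_CONFIG_NOSYSTEM=1
        git init -q repo && cd repo || exit 1

        # Constructed .gitmodules as an attacker could commit it: the update
        # mode is a shell command instead of checkout/rebase/merge/none.
        cat > .gitmodules <<'EOF'
[submodule "sub"]
    path = sub
    url = https://example.com/sub.git
    update = !touch pwned
EOF
        # A gitlink entry is what makes "sub" a submodule path for git.
        # The commit id is a placeholder; "submodule init" never reads it.
        git update-index --add --cacheinfo 160000 \
            1111111111111111111111111111111111111111 sub || exit 1

        if ! git submodule init >/dev/null 2>init.err; then
            # git refused the .gitmodules value outright (fatal error).
            cat init.err >&2
            echo rejected
            exit 0
        fi
        # "init" is not expected to run the command; this catches the
        # worst case anyway.
        if [ -e pwned ]; then
            echo executed
            exit 0
        fi
        mode=$(git config submodule.sub.update || true)
        case "$mode" in
            '!'*) echo copied ;;       # command reached local config: dangerous
            none) echo neutralized ;;  # unknown mode warned about, stored as "none"
            *)    echo "other:$mode" ;;
        esac
    )
    rm -rf "$tmp"
    printf '%s\n' "$outcome"
}

# Usage: run this file.  Prints one of rejected / neutralized / copied /
# executed / other:<value>.
probe_update_mode_policy
```

Two outcomes are the safe ones: "neutralized" is what the shell
implementation of 'git submodule init' contemporary with this thread
produces (it warns about the unknown mode and stores "none"), and
"rejected" is what later versions produce, where the .gitmodules parser
treats a command-valued 'update' as an invalid value and stops with a
fatal error.  Anything else means the '!' value reached the local config,
where a later 'git submodule update' would run it, and is worth reporting.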


Thread overview: 10+ messages
2015-03-17 19:28 Ryan Lortie [this message]
2015-03-17 19:50 ` git submodule: update=!command Jeff King
2015-03-17 20:48   ` Ryan Lortie
2015-03-18  7:38   ` Chris Packham
2015-03-17 20:49 ` Junio C Hamano
2015-03-17 20:59   ` Ryan Lortie
2015-03-17 21:05     ` Junio C Hamano
2015-03-17 21:11       ` Ryan Lortie
2015-03-18  7:43       ` Chris Packham
2015-03-18  7:45         ` Chris Packham
