Re: Regression bug with latest SAFE ownership patch

["brian m. carlson" <sandals@crustytoothpaste.net>]

[-- Attachment #1: Type: text/plain, Size: 1445 bytes --]

On 2024-08-17 at 03:15:05, James wrote:
> I am not a subscriber to this mailing list, so please please CC-me on replies.
> 
> I believe the recent changes for the safe ownership patch seemed to
> have introduced a regression. I have a git repo which is on a shared
> server that I trust and control. Adding a safe.directory does _not_
> allow me to use this repo anymore. I can't even run a `git fetch`
> without an error. I have renamed the repo name and directory, but
> output is otherwise precise. Full logs and versions shown below:
> 
> james@computer1:~/whatever$ git remote show server2
> fatal: detected dubious ownership in repository at
> '/home/someoneelse/whatever/.git'
> To add an exception for this directory, call:
> 
>     git config --global --add safe.directory /home/someoneelse/whatever/.git
> fatal: Could not read from remote repository.
> 
> Please make sure you have the correct access rights
> and the repository exists.
> james@computer1:~/whatever$ git config --add safe.directory
> /home/someoneelse/whatever/.git
> james@computer1:~/whatever$ git config --add safe.directory '*'

This adds the option to the local configuration, but it has to be in the
global (`--global`) or system (`--system`) config.  A malicious user
that owned the repository could modify the local config, so it can't be
trusted for this reason.
-- 
brian m. carlson (they/them or he/him)
Toronto, Ontario, CA

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 262 bytes --]