From: "Sverre Rabbelier" <alturin@gmail.com>
To: "Martin Langhoff" <martin.langhoff@gmail.com>
Cc: "Junio C Hamano" <gitster@pobox.com>,
"Roman V. Shaposhnik" <rvs@sun.com>,
"Jeremy Maitin-Shepard" <jbms@cmu.edu>,
"Ping Yin" <pkufranky@gmail.com>,
"Avery Pennarun" <apenwarr@gmail.com>,
stuart.freeman@et.gatech.edu, git@vger.kernel.org
Subject: Re: Intricacies of submodules
Date: Thu, 17 Apr 2008 23:27:32 +0200 [thread overview]
Message-ID: <bd6139dc0804171427i6bf2813at719c8dec13bc225c@mail.gmail.com> (raw)
In-Reply-To: <46a038f90804171425q1cc4cff4m6b783252040a3b26@mail.gmail.com>
On Thu, Apr 17, 2008 at 11:25 PM, Martin Langhoff
<martin.langhoff@gmail.com> wrote:
> On Thu, Apr 17, 2008 at 6:00 PM, Sverre Rabbelier <alturin@gmail.com> wrote:
> > provide any hooks to execute things (which of course includes changing
> > the environment) it should be fine, but if it is, it should be ignored
> > till after clone has finished.
>
> It should not be allowed at all. After the clone is the review, and
> that has to be safe too.
I reckon review is done without using git, I don't see how it would
pose a security risk.
> > Because of that an in-tree '.gitconfig' would have no security risks
> > as long as it is not 'used' until after the clone.
>
> This is not true. A pre-commit hook or pre-checkout hook could be destructive.
But, those won't be executed till after the review, so everything
would be good still, wouldn't it?
Cheers,
Sverre Rabbelier
next prev parent reply other threads:[~2008-04-17 21:28 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-31 20:59 Migrating svn to git with heavy use of externals D. Stuart Freeman
2008-04-08 18:07 ` D. Stuart Freeman
2008-04-08 20:06 ` Avery Pennarun
2008-04-08 20:49 ` D. Stuart Freeman
2008-04-08 21:01 ` Avery Pennarun
2008-04-08 22:47 ` D. Stuart Freeman
2008-04-09 3:03 ` Roman Shaposhnik
2008-04-09 3:33 ` Avery Pennarun
2008-04-09 4:39 ` Roman Shaposhnik
2008-04-09 6:34 ` Avery Pennarun
2008-04-09 6:43 ` Junio C Hamano
2008-04-10 3:43 ` Intricacies of submodules [was: Migrating svn to git with heavy use of externals] Roman Shaposhnik
2008-04-10 5:53 ` Intricacies of submodules Junio C Hamano
2008-04-10 20:32 ` Roman Shaposhnik
2008-04-11 5:20 ` Junio C Hamano
2008-04-11 16:04 ` Ping Yin
2008-04-11 22:32 ` Junio C Hamano
2008-04-12 3:13 ` Roman Shaposhnik
2008-04-12 5:11 ` Junio C Hamano
2008-04-14 19:52 ` Roman Shaposhnik
2008-04-15 1:13 ` Junio C Hamano
2008-04-15 2:13 ` Ping Yin
2008-04-16 3:49 ` Roman V. Shaposhnik
2008-04-17 18:09 ` Jeremy Maitin-Shepard
2008-04-17 19:06 ` Linus Torvalds
2008-04-17 20:04 ` Junio C Hamano
[not found] ` <32541b130804181128j57d76edcsbbd5fb8d4c782ae7@mail.gmail.com>
2008-04-18 18:30 ` Avery Pennarun
2008-04-17 19:50 ` Roman V. Shaposhnik
2008-04-17 20:06 ` Martin Langhoff
2008-04-17 20:44 ` Junio C Hamano
2008-04-17 21:00 ` Sverre Rabbelier
2008-04-17 21:25 ` Martin Langhoff
2008-04-17 21:27 ` Sverre Rabbelier [this message]
2008-04-17 21:31 ` Martin Langhoff
2008-04-18 1:41 ` Ping Yin
2008-04-17 22:29 ` Dmitry Potapov
2008-04-17 22:32 ` Linus Torvalds
2008-04-18 1:48 ` Ping Yin
2008-04-18 14:02 ` Jakub Narebski
2008-04-12 3:20 ` Ping Yin
2008-04-14 19:56 ` Roman Shaposhnik
2008-04-12 4:02 ` Ping Yin
2008-04-12 5:25 ` Junio C Hamano
2008-04-12 6:26 ` Ping Yin
2008-04-10 16:07 ` Intricacies of submodules [was: Migrating svn to git with heavy use of externals] Ping Yin
2008-04-10 19:27 ` Roman Shaposhnik
2008-04-09 19:57 ` Roman Shaposhnik
2008-04-09 20:27 ` Avery Pennarun
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bd6139dc0804171427i6bf2813at719c8dec13bc225c@mail.gmail.com \
--to=alturin@gmail.com \
--cc=apenwarr@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jbms@cmu.edu \
--cc=martin.langhoff@gmail.com \
--cc=pkufranky@gmail.com \
--cc=rvs@sun.com \
--cc=stuart.freeman@et.gatech.edu \
--cc=sverre@rabbelier.nl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).