undef/git-commit-vandalism
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

credential-cache--daemon: disallow relative socket path

Browse Source 
Relative socket paths are dangerous since the user cannot generally
control when the daemon starts (initially, after a timeout, kill or
crash). Since the daemon creates but does not delete the socket
directory, this could lead to spurious directory creation relative
to the users cwd.

Suggested-by: Jeff King <peff@peff.net>
Signed-off-by: Jon Griffiths <jon_p_griffiths@yahoo.com>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Jon Griffiths 2016-02-23 02:15:41 -05:00 committed by Junio C Hamano
parent a6e5e2864f
commit bd93b8d9be
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Documentation/git-credential-cache.txt
View File

@ -36,7 +36,7 @@ OPTIONS
cache daemon if one is not started). Defaults to cache daemon if one is not started). Defaults to
`~/.git-credential-cache/socket`. If your home directory is on a `~/.git-credential-cache/socket`. If your home directory is on a
network-mounted filesystem, you may need to change this to a network-mounted filesystem, you may need to change this to a
local filesystem. local filesystem. You must specify an absolute path.
CONTROLLING THE DAEMON CONTROLLING THE DAEMON
---------------------- ----------------------

3
credential-cache--daemon.c
View File

@ -262,6 +262,9 @@ int main(int argc, const char **argv)
if (!socket_path) if (!socket_path)
usage_with_options(usage, options); usage_with_options(usage, options);
if (!is_absolute_path(socket_path))
die("socket directory must be an absolute path");
init_socket_directory(socket_path); init_socket_directory(socket_path);
register_tempfile(&socket_file, socket_path); register_tempfile(&socket_file, socket_path);