undef/git-commit-vandalism
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ae9abbb63e
git-commit-vandalism/Documentation
History
Carlo Marcelo Arenas Belón ae9abbb63e git-compat-util: avoid failing dir ownership checks if running privileged 
bdc77d1d68 (Add a function to determine whether a path is owned by the
current user, 2022-03-02) checks for the effective uid of the running
process using geteuid() but didn't account for cases where that user was
root (because git was invoked through sudo or a compatible tool) and the
original uid that repository trusted for its config was no longer known,
therefore failing the following otherwise safe call:

  guy@renard ~/Software/uncrustify $ sudo git describe --always --dirty
  [sudo] password for guy:
  fatal: unsafe repository ('/home/guy/Software/uncrustify' is owned by someone else)

Attempt to detect those cases by using the environment variables that
those tools create to keep track of the original user id, and do the
ownership check using that instead.

This assumes the environment the user is running on after going
privileged can't be tampered with, and also adds code to restrict that
the new behavior only applies if running as root, therefore keeping the
most common case, which runs unprivileged, from changing, but because of
that, it will miss cases where sudo (or an equivalent) was used to change
to another unprivileged user or where the equivalent tool used to raise
privileges didn't track the original id in a sudo compatible way.

Because of compatibility with sudo, the code assumes that uid_t is an
unsigned integer type (which is not required by the standard) but is used
that way in their codebase to generate SUDO_UID.  In systems where uid_t
is signed, sudo might be also patched to NOT be unsigned and that might
be able to trigger an edge case and a bug (as described in the code), but
it is considered unlikely to happen and even if it does, the code would
just mostly fail safely, so there was no attempt either to detect it or
prevent it by the code, which is something that might change in the future,
based on expected user feedback.

Reported-by: Guy Maurel <guy.j@maurel.de>
Helped-by: SZEDER Gábor <szeder.dev@gmail.com>
Helped-by: Randall Becker <rsbecker@nexbridge.com>
Helped-by: Phillip Wood <phillip.wood123@gmail.com>
Suggested-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-05-12 18:12:23 -07:00
..
config git-compat-util: avoid failing dir ownership checks if running privileged 2022-05-12 18:12:23 -07:00
howto Merge branch 'js/pu-to-seen' 2020-07-06 22:09:16 -07:00
RelNotes Git 2.30.4 2022-04-13 13:31:29 -07:00
technical Merge branch 'ma/doc-pack-format-varint-for-sizes' into maint 2021-02-08 14:05:54 -08:00
.gitattributes
.gitignore
asciidoc.conf Doc: drop support for docbook-xsl before 1.72.0 2020-03-29 09:25:38 -07:00
asciidoctor-extensions.rb
blame-options.txt blame-options.txt: also mention 'funcname' in '-L' description 2020-11-01 15:54:14 -08:00
build-docdep.perl
cat-texi.perl
cmd-list.perl git.txt: add list of guides 2020-08-04 18:34:02 -07:00
CodingGuidelines Merge branch 'dl/python-2.7-is-the-floor-version' 2020-06-17 21:54:05 -07:00
config.txt setup_git_directory(): add an owner check for the top-level directory 2022-03-21 13:16:26 +01:00
date-formats.txt date-formats.txt: fix list continuation 2020-05-18 13:18:56 -07:00
diff-format.txt doc: indent multi-line items in list 2019-12-13 12:18:07 -08:00
diff-generate-patch.txt git.txt: correct stale 'GIT_EXTERNAL_DIFF' description 2020-09-01 12:17:05 -07:00
diff-options.txt Merge branch 'pb/blame-funcname-range-userdiff' 2020-11-18 13:32:53 -08:00
doc-diff doc-diff: use single-colon rule in rendering Makefile 2020-02-18 13:53:30 -08:00
docbook-xsl.css
docbook.xsl
everyday.txto
fetch-options.txt Merge branch 'ds/maintenance-part-1' 2020-09-25 15:25:38 -07:00
fix-texi.perl
git-add.txt add: support the --pathspec-from-file option 2019-12-04 10:10:37 -08:00
git-am.txt Documentation: stylistically normalize references to Signed-off-by: 2020-10-20 11:57:40 -07:00
git-annotate.txt
git-apply.txt git-apply.txt: update descriptions of --cached, --index 2020-08-20 16:34:37 -07:00
git-archimport.txt
git-archive.txt archive: add --add-file 2020-09-19 15:56:06 -07:00
git-bisect-lk2009.txt git-bisect-lk2009: make continuation of list indented 2020-10-08 14:01:15 -07:00
git-bisect.txt bisect: swap command-line options in documentation 2020-08-28 14:06:06 -07:00
git-blame.txt doc: clarify that --abbrev=<n> is about the minimum length 2020-11-04 14:04:44 -08:00
git-branch.txt doc: clarify that --abbrev=<n> is about the minimum length 2020-11-04 14:04:44 -08:00
git-bugreport.txt Merge branch 'es/bugreport-shell' 2020-06-08 18:06:28 -07:00
git-bundle.txt bundle: add new version for use with SHA-256 2020-07-30 09:16:48 -07:00
git-cat-file.txt cat-file: add missing [=<format>] to usage/synopsis 2020-07-01 15:54:05 -07:00
git-check-attr.txt
git-check-ignore.txt Merge branch 'en/check-ignore' into maint 2020-03-17 15:02:23 -07:00
git-check-mailmap.txt
git-check-ref-format.txt
git-checkout-index.txt
git-checkout.txt Merge branch 'dl/checkout-guess' 2020-10-27 15:09:51 -07:00
git-cherry-pick.txt Documentation: stylistically normalize references to Signed-off-by: 2020-10-20 11:57:40 -07:00
git-cherry.txt
git-citool.txt
git-clean.txt
git-clone.txt Documentation/git-clone.txt: document race with --local 2021-01-11 22:03:08 -08:00
git-column.txt
git-commit-graph.txt Merge branch 'ds/commit-graph-merging-fix' 2020-11-02 13:17:39 -08:00
git-commit-tree.txt Documentation: merge commit-tree --[no-]gpg-sign 2020-04-03 11:37:22 -07:00
git-commit.txt doc: preparatory clean-up of description on the sign-off option 2020-10-20 11:57:35 -07:00
git-config.txt config doc: value-pattern is not necessarily a regexp 2020-11-25 15:01:31 -08:00
git-count-objects.txt
git-credential-cache--daemon.txt
git-credential-cache.txt
git-credential-store.txt Merge branch 'cb/credential-store-ignore-bogus-lines' 2020-05-08 14:25:01 -07:00
git-credential.txt git-credential.txt: use list continuation 2020-05-18 13:19:33 -07:00
git-cvsexportcommit.txt
git-cvsimport.txt
git-cvsserver.txt
git-daemon.txt
git-describe.txt
git-diff-files.txt
git-diff-index.txt builtin/diff-index: learn --merge-base 2020-09-20 21:30:26 -07:00
git-diff-tree.txt builtin/diff-tree: learn --merge-base 2020-09-21 13:37:03 -07:00
git-diff.txt builtin/diff-tree: learn --merge-base 2020-09-21 13:37:03 -07:00
git-difftool.txt
git-fast-export.txt fast-export: allow seeding the anonymized mapping 2020-06-25 14:19:23 -07:00
git-fast-import.txt fast-import: fix typo in documentation 2020-10-04 12:56:29 -07:00
git-fetch-pack.txt
git-fetch.txt fetch: allow refspecs specified through stdin 2020-08-18 13:25:05 -07:00
git-filter-branch.txt filter-branch doc: fix filter-repo typo 2020-10-20 12:22:25 -07:00
git-fmt-merge-msg.txt
git-for-each-ref.txt Doc: prefer more specific file name 2020-09-18 15:41:56 -07:00
git-for-each-repo.txt for-each-repo: run subcommands on configured repos 2020-09-25 10:59:44 -07:00
git-format-patch.txt Merge branch 'jc/format-patch-name-max' 2020-11-21 15:14:38 -08:00
git-fsck-objects.txt
git-fsck.txt fsck doc: remove ancient out-of-date diagnostics 2021-01-20 19:10:42 -08:00
git-gc.txt
git-get-tar-commit-id.txt
git-grep.txt doc: add more pointers to gitattributes(5) for userdiff 2020-11-01 15:54:14 -08:00
git-gui.txt
git-hash-object.txt
git-help.txt help: drop usage of 'common' and 'useful' for guides 2020-08-04 18:34:01 -07:00
git-http-backend.txt
git-http-fetch.txt http-fetch: support fetching packfiles by URL 2020-06-10 18:06:34 -07:00
git-http-push.txt
git-imap-send.txt git-imap-send.txt: add note about localized Gmail folders 2020-08-31 11:44:33 -07:00
git-index-pack.txt Documentation: mark --object-format=sha256 as experimental 2020-08-17 10:50:14 -07:00
git-init-db.txt
git-init.txt init: document init.defaultBranch better 2020-12-13 15:53:50 -08:00
git-instaweb.txt
git-interpret-trailers.txt
git-log.txt doc: log, gitk: move '-L' description to 'line-range-options.txt' 2020-11-01 15:54:14 -08:00
git-ls-files.txt doc: remove "directory cache" from man pages 2021-01-09 22:57:24 -08:00
git-ls-remote.txt docs: adjust for the recent rename of pu to seen 2020-06-25 09:18:53 -07:00
git-ls-tree.txt doc: clarify that --abbrev=<n> is about the minimum length 2020-11-04 14:04:44 -08:00
git-mailinfo.txt Doc: show example scissors line 2020-09-28 16:09:04 -07:00
git-mailsplit.txt
git-maintenance.txt doc: fix some typos 2021-01-04 11:27:48 -08:00
git-merge-base.txt
git-merge-file.txt
git-merge-index.txt
git-merge-one-file.txt
git-merge-tree.txt
git-merge.txt Doc: reference the "stash list" in autostash docs 2020-05-05 16:07:30 -07:00
git-mergetool--lib.txt
git-mergetool.txt
git-mktag.txt
git-mktree.txt
git-multi-pack-index.txt multi-pack-index: repack batches below --batch-size 2020-08-11 14:05:26 -07:00
git-mv.txt
git-name-rev.txt
git-notes.txt docs: improve the example that illustrates git-notes path names 2020-08-03 12:40:09 -07:00
git-p4.txt doc: fix some typos 2021-01-04 11:27:48 -08:00
git-pack-objects.txt pack-objects: no fetch when allow-{any,promisor} 2020-08-06 13:01:03 -07:00
git-pack-redundant.txt
git-pack-refs.txt
git-patch-id.txt
git-prune-packed.txt
git-prune.txt
git-pull.txt Merge branch 'dl/merge-autostash' 2020-04-29 16:15:27 -07:00
git-push.txt t, doc: update tests, reference for "--force-if-includes" 2020-10-03 09:59:19 -07:00
git-quiltimport.txt
git-range-diff.txt Merge branch 'dl/range-diff-with-notes' 2019-12-05 12:52:44 -08:00
git-read-tree.txt doc: --recurse-submodules mostly applies to active submodules 2020-04-06 13:42:43 -07:00
git-rebase.txt Documentation: stylistically normalize references to Signed-off-by: 2020-10-20 11:57:40 -07:00
git-receive-pack.txt
git-reflog.txt
git-remote-ext.txt
git-remote-fd.txt
git-remote-helpers.txto
git-remote.txt remote: add meaningful exit code on missing/existing 2020-10-27 11:40:33 -07:00
git-repack.txt
git-replace.txt
git-request-pull.txt
git-rerere.txt
git-reset.txt doc: document --recurse-submodules for reset and restore 2020-04-06 13:42:43 -07:00
git-restore.txt Doc: document "A...B" form for <tree-ish> in checkout and switch 2020-10-07 09:49:05 -07:00
git-rev-list.txt git-log.txt: include rev-list-description.txt 2020-07-08 22:08:54 -07:00
git-rev-parse.txt rev-parse: handle --end-of-options 2020-11-10 13:46:27 -08:00
git-revert.txt Documentation: stylistically normalize references to Signed-off-by: 2020-10-20 11:57:40 -07:00
git-rm.txt rm: support the --pathspec-from-file option 2020-02-19 10:56:49 -08:00
git-send-email.txt Merge branch 'vv/send-email-with-less-secure-apps-access' into maint 2021-02-05 16:31:25 -08:00
git-send-pack.txt
git-sh-i18n--envsubst.txt
git-sh-i18n.txt
git-sh-setup.txt
git-shell.txt
git-shortlog.txt shortlog: allow multiple groups to be specified 2020-09-27 12:21:05 -07:00
git-show-branch.txt
git-show-index.txt Documentation: mark --object-format=sha256 as experimental 2020-08-17 10:50:14 -07:00
git-show-ref.txt
git-show.txt
git-sparse-checkout.txt Merge branch 'en/sparse-with-submodule-doc' 2020-06-22 15:55:03 -07:00
git-stage.txt
git-stash.txt stash push: support the --pathspec-from-file option 2020-02-19 10:56:49 -08:00
git-status.txt docs: rephrase and clarify the git status --short format 2021-01-11 12:14:07 -08:00
git-stripspace.txt
git-submodule.txt submodule: fall back to remote's HEAD for missing remote.<name>.branch 2020-06-24 09:14:21 -07:00
git-svn.txt Documentation: stylistically normalize references to Signed-off-by: 2020-10-20 11:57:40 -07:00
git-switch.txt checkout: learn to respect checkout.guess 2020-10-08 09:25:29 -07:00
git-symbolic-ref.txt
git-tag.txt Doc: prefer more specific file name 2020-09-18 15:41:56 -07:00
git-tools.txt
git-unpack-file.txt
git-unpack-objects.txt
git-update-index.txt doc: remove "directory cache" from man pages 2021-01-09 22:57:24 -08:00
git-update-ref.txt update-ref: allow creation of multiple transactions 2020-11-16 13:44:01 -08:00
git-update-server-info.txt
git-upload-archive.txt
git-upload-pack.txt
git-var.txt
git-verify-commit.txt
git-verify-pack.txt
git-verify-tag.txt
git-web--browse.txt
git-whatchanged.txt
git-worktree.txt worktree: teach list to annotate locked worktree 2020-10-12 12:24:29 -07:00
git-write-tree.txt
git.txt git.txt: fix typos in 'linkgit' macro invocation 2020-12-22 12:02:29 -08:00
gitattributes.txt userdiff: support Bash 2020-10-22 10:29:30 -07:00
gitcli.txt Merge branch 'jc/doc-single-h-is-for-help' into maint 2020-03-17 15:02:24 -07:00
gitcore-tutorial.txt doc/gitcore-tutorial: fix prose to match example command 2020-01-08 08:56:40 -08:00
gitcredentials.txt command-list.txt: add missing 'gitcredentials' and 'gitremote-helpers' 2020-08-04 18:34:01 -07:00
gitcvs-migration.txt
gitdiffcore.txt
giteveryday.txt docs: adjust for the recent rename of pu to seen 2020-06-25 09:18:53 -07:00
gitfaq.txt docs: explain how to deal with files that are always modified 2020-09-20 21:29:02 -07:00
gitglossary.txt
githooks.txt doc: fix some typos 2021-01-04 11:27:48 -08:00
gitignore.txt
gitk.txt doc: log, gitk: move '-L' description to 'line-range-options.txt' 2020-11-01 15:54:14 -08:00
gitmodules.txt gitmodules.txt: fix 'GIT_WORK_TREE' variable name 2021-01-04 11:29:36 -08:00
gitnamespaces.txt
gitremote-helpers.txt Merge branch 'bc/sha-256-part-2' 2020-07-06 22:09:13 -07:00
gitrepository-layout.txt
gitrevisions.txt
gitsubmodules.txt gitsubmodules doc: invoke 'ls-files' with '--recurse-submodules' 2020-10-04 12:54:07 -07:00
gittutorial-2.txt
gittutorial.txt
gitweb.conf.txt
gitweb.txt
gitworkflows.txt gitworkflows.txt: fix broken subsection underline 2020-07-18 13:43:34 -07:00
glossary-content.txt glossary: improve "branch" definition 2020-12-02 14:53:42 -08:00
howto-index.sh
i18n.txt
install-doc-quick.sh
install-webdoc.sh
line-range-format.txt doc: add more pointers to gitattributes(5) for userdiff 2020-11-01 15:54:14 -08:00
line-range-options.txt blame-options.txt: also mention 'funcname' in '-L' description 2020-11-01 15:54:14 -08:00
lint-gitlink.perl
mailmap.txt
Makefile Merge branch 'rj/make-clean' 2020-12-17 15:06:40 -08:00
manpage-base-url.xsl.in
manpage-bold-literal.xsl manpage-bold-literal.xsl: stop using git.docbook.backslash 2020-03-29 09:25:38 -07:00
manpage-normal.xsl manpage-normal.xsl: fold in manpage-base.xsl 2020-03-29 09:25:38 -07:00
manpage-quote-apos.xsl
manpage.xsl
merge-options.txt doc: preparatory clean-up of description on the sign-off option 2020-10-20 11:57:35 -07:00
merge-strategies.txt
MyFirstContribution.txt Merge branch 'jc/do-not-just-explain-but-update-your-patch' 2020-11-30 14:49:43 -08:00
MyFirstObjectWalk.txt MyFirstObjectWalk: drop init_walken_defaults() 2020-11-30 13:55:54 -08:00
object-format-disclaimer.txt Documentation: mark --object-format=sha256 as experimental 2020-08-17 10:50:14 -07:00
pretty-formats.txt Merge branch 'mk/pb-pretty-email-without-domain-part-fix' 2020-07-06 22:09:15 -07:00
pretty-options.txt doc: clarify that --abbrev=<n> is about the minimum length 2020-11-04 14:04:44 -08:00
pull-fetch-param.txt refspec: add support for negative refspecs 2020-09-30 14:52:00 -07:00
ref-reachability-filters.txt Doc: prefer more specific file name 2020-09-18 15:41:56 -07:00
rev-list-description.txt git-log.txt: include rev-list-description.txt 2020-07-08 22:08:54 -07:00
rev-list-options.txt Merge branch 'jk/log-fp-implies-m' 2020-08-17 17:02:49 -07:00
revisions.txt revisions.txt: describe 'rev1 rev2 ...' meaning for ranges 2020-07-08 22:08:53 -07:00
sequencer.txt
signoff-option.txt Documentation: stylistically normalize references to Signed-off-by: 2020-10-20 11:57:40 -07:00
SubmittingPatches SubmittingPatches: tighten wording on "sign-off" procedure 2021-01-07 15:41:36 -08:00
texi.xsl
trace2-target-values.txt
transfer-data-leaks.txt
urls-remotes.txt
urls.txt
user-manual.conf user-manual.conf: don't specify [listingblock] 2020-03-31 16:08:02 -07:00
user-manual.txt docs: adjust for the recent rename of pu to seen 2020-06-25 09:18:53 -07:00