| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150130191621.GA30156@peff.net> Date: Fri, 30 Jan 2015 14:16:21 -0500 From: Jeff King <peff@...f.net> To: Junio C Hamano <gitster@...ox.com> Cc: Git Mailing List <git@...r.kernel.org>, Josh Boyer <jwboyer@...oraproject.org>, "Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org>, twaugh@...hat.com, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: [PATCH 2/1] apply: reject input that touches outside $cwd On Fri, Jan 30, 2015 at 11:07:34AM -0800, Junio C Hamano wrote: > Jeff King <peff@...f.net> writes: > > > It looks like your new --allow-uplevel goes to verify_path(). So this > > isn't just about "..", but it will also protect against applying a patch > > inside ".git". Which seems like a good thing to me, but I wonder if the > > option name is a little misleading. > > True; not just misleading but is incorrect, I would say. > Suggestions? I think just "--verify-paths" (and "--no-verify-paths", since the former would be the default) might be fine. That leaves the definition of "verify" vague, but I think that's OK. It used to mean "no '..' and no '.git'", and now it has been widened to include "no weird filesystem-specific variants of .git". If you wanted to avoid the negative being the commonly used option, maybe "--unsafe-paths" (or "--allow-unsafe-paths" if you like verbs). -Peff -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists