hoi :) On Thu, Dec 07, 2006 at 06:35:39AM -0500, Shawn Pearce wrote: > So I've patched git-receive-pack to refuse to run if its running > setuid and the hook's owner isn't the effective uid, or the hook > is group/world writable. This seems to close the last hole, but > it also makes hooks/update and hooks/post-update useless in user > private repositories on this system. perhaps don't refuse to run, but simply change back to the safed uid? Or use one special machine which hosts the repository and which has the modified version of git installed. -- Martin Waitz - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
This archive was generated by hypermail 2.1.8 : 2006-12-07 23:44:14 EST