Re: [PATCH] Allow aliases to expand to shell commands

From: Theodore Tso <tytso@mit.edu>
Date: 2007-02-12 03:21:36
On Sun, Feb 11, 2007 at 05:03:29PM +0100, Johannes Schindelin wrote:
> > ... and git-shell only allows git-receive-pack and git-upload-pack to be 
> > called, with a single argument, and aliases aren't allowed to override 
> > commands.  So we're safe here, I think.
> 
> Yes, sorry. I have a modified git-shell, which allows the git wrapper, 
> too, to allow setting the config. I'll just fix it here.

If all you've enabled is the ability to set the config, I think we're
still safe, since aliases can't override commands.  

Still there are enough config options that might be scary, either now
(the http.ssl* options) or in the future (someone might think that it
makes sense to set the post-commit, post-push, et. al hooks in the
config), that I wouldn't be particularly comfortable letting git-shell
have unrestricted access to set the config without having some
restriction about which config parameters were allowed to be set from
the restricted shell.  Why did you add that ability, out of curiosity?

						- Ted
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Received on Mon Feb 12 03:25:39 2007

This archive was generated by hypermail 2.1.8 : 2007-02-12 03:27:20 EST