On Tue, Oct 4, 2011 at 4:05 PM, Phil Hord <phil.hord@xxxxxxxxx> wrote: > The enter_repo() function is used to navigate into a .git > directory. It knows how to find standard alternatives (DWIM) but > it doesn't handle gitfiles created by git init --separate-git-dir. > This means that git-fetch and others do not work with repositories > using the separate-git-dir mechanism. > > Teach enter_repo() to deal with the gitfile mechanism by resolving > the path to the redirected path and continuing tests on that path > instead of the found file. > > Signed-off-by: Phil Hord <hordp@xxxxxxxxx> > --- > I meant to include this note on this patch. Maybe I should have added an RFC, too. I'm not sure how to resolve this change for the 'strict' case. The actual path followed may be different than the version spelled out on the input path because of resolved symlinks and whatnot. This function normally returns the unmolested "original" path that was validated. In case of a gitfile, I think that means we should return the url resolved from the gitfile contents. But should we? The returned path is only used in git-daemon where it gets further checks for path restrictions. A. If we return the gitfile-resolved path, this may cause these path restrictions to fail since the path gets canonicalized when the gitfile is created by git. B. If we do not return the gitfile-resolved path, this can create a security-hole by allowing remote users to access files they would otherwise have been restricted from. In effect it creates an alternate symlink mechanism of which the administrator might not be aware. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html