On Sat, Nov 26, 2011 at 03:57:40PM -0800, Junio C Hamano wrote: > Did I say anything about saNe?. I was talking about saFe. Fine. But that doesn't change my point: the purpose of such a feature is to tell git "do _not_ be safe; I have decided already for you whether it is OK to do this". > > By turning it on, you > > are saying "it's OK to run arbitrary code from the repo as the current > > user". > > The problem I have with it is that you are saying much more than that. > ... as the current user ANYWHERE on the machine. Just because it is passed through the environment does not mean you need to have it set all the time. There is nothing wrong with: GIT_ALLOW_UNTRUSTED_HOOKS=true git fetch ~bob/repo.git We can even spell it: git --allow-untrusted-hooks fetch ~bob/repo.git but it should probably still end up as an environment variable to make it through to the remote side (you could also tack it on to the upload-pack command line; that wouldn't make it across git:// or http:// connections, but those are irrelevant here anyway). -Peff -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html