On Thu, Dec 20, 2012 at 10:49:15AM -0500, Aaron Schrab wrote:

> At 10:04 -0500 20 Dec 2012, Jeff King <peff@xxxxxxxx> wrote:
> > The problem seems to be that people are giving bad advice to tell
> > people to post "git config -l" output without looking at. Maybe we
> > could help them with a "git config --share-config" option that
> > dumps all config, but sanitizes the output. It would need to have a
> > list of sensitive keys (which does not exist yet), and would need
> > to not just mark up things like smtppass, but would also need to
> > pull credential information out of remote.*.url strings. And maybe
> > more (I haven't thought too long on it).
>
> If such an option is added, it is likely to cause more people to
> think that there is no need to examine the output before sharing it.
> But, I don't think that the sanitizing could ever be sufficient to
> guarantee that.
>
> Tools outside of the core git tree may add support for new config
> keys which are meant to contain sensitive information, and there
> would be no way for `git config` to know about those.

Good point. I was a little on the fence already because any time you
have a "prevent known bad" list in a security setting, it is guaranteed
to go out of date and screw you. But the presence of third-party tools
means it does not even have to get out of date. It will always be
complete.

> I think that attempting to do this would only result in a false sense
> of security.

Yeah. Thanks for a dose of sanity. I was really trying not to say "the
given advice is bad, and we cannot help those people". But I think you
are right; the only sensible path is for the user to inspect the output
before posting it.

-Peff
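The sanitizer Peff sketches (a list of known sensitive keys plus stripping userinfo from remote.*.url) is easy to write, and the failure Aaron describes is just as easy to show. This is an added example, not code from git or from the thread; the "known sensitive keys" list, the `myplugin.authtoken` key and all config values are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, urlunsplit

# The "prevent known bad" list the thread discusses. Deliberately short:
# it only knows keys that core git itself defines (constructed example).
SENSITIVE_KEYS = {"sendemail.smtppass"}
URL_KEY_RE = re.compile(r"^remote\.[^=]+\.(url|pushurl)$")


def redact_url(url):
    """Strip user:password from a URL's authority part, keeping host, port and path.
    scp-style remotes such as git@host:path have no userinfo and pass through."""
    parts = urlsplit(url)
    if not parts.username and not parts.password:
        return url
    host = parts.hostname or ""
    if parts.port:
        host += f":{parts.port}"
    netloc = "<redacted>@" + host
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, parts.fragment))


def sanitize(config_dump):
    """Sanitize `git config -l` style output (one key=value per line).
    Redacts known sensitive keys and credentials embedded in remote URLs;
    anything the list does not know about is returned untouched."""
    out = []
    for line in config_dump.splitlines():
        key, sep, value = line.partition("=")
        if not sep:
            out.append(line)
            continue
        key_l = key.lower()  # git prints section/variable names lowercased
        if key_l in SENSITIVE_KEYS:
            value = "<redacted>"
        elif URL_KEY_RE.match(key_l):
            value = redact_url(value)
        out.append(f"{key}={value}")
    return out


# Constructed sample of `git config -l` output; the last key belongs to a
# hypothetical third-party tool, so the blocklist cannot know it is a secret.
SAMPLE = """\
user.name=Example User
sendemail.smtppass=hunter2
remote.origin.url=https://alice:s3cret@example.com/repo.git
myplugin.authtoken=abc123
"""

if __name__ == "__main__":
    print("\n".join(sanitize(SAMPLE)))
```

Running it shows `sendemail.smtppass` and the URL credential redacted while `myplugin.authtoken=abc123` survives verbatim, which is exactly why the output still has to be read before it is posted.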