But when someone do a "clone" he don't have .git/hooks directory
downloaded to his local computer ? I thought so ...
2013/10/26 Junio C Hamano <gitster@xxxxxxxxx>:
> Olivier Revollat <revollat@xxxxxxxxx> writes:
>
>> I was wondering : What if I had a "malicious" GIT repository who can
>> "inject" code via git hooks mechanism : someone clone my repo and
>> some malicious code is executed when a certain GIT hook is triggered
>> (for example on commit ("prepare-commit-msg' hook))
>
> In that somebody else's clone, you will not have _your_ malicious
> hook installed, unless that cloner explicitly does something stupid,
> like copying that malicious hook.
--
Mathematics is made of 50 percent formulas, 50 percent proofs, and 50
percent imagination.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html