On Sun, Feb 11, 2007 at 05:03:29PM +0100, Johannes Schindelin wrote: > > ... and git-shell only allows git-receive-pack and git-upload-pack to be > > called, with a single argument, and aliases aren't allowed to override > > commands. So we're safe here, I think. > > Yes, sorry. I have a modified git-shell, which allows the git wrapper, > too, to allow setting the config. I'll just fix it here. If all you've enabled is the ability to set the config, I think we're still safe, since aliases can't override commands. Still there are enough config options that might be scary, either now (the http.ssl* options) or in the future (someone might think that it makes sense to set the post-commit, post-push, et. al hooks in the config), that I wouldn't be particularly comfortable letting git-shell have unrestricted access to set the config without having some restriction about which config parameters were allowed to be set from the restricted shell. Why did you add that ability, out of curiosity? - Ted - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html