Quoting Junio C Hamano (2017-03-17 08:26:39) > Michael Haggerty <mhagger@xxxxxxxxxxxx> writes: > I _think_ the real bug is that somehow a user got a wrong impression > that directly underneath $GIT_DIR/ is somehow different from its > subdirectory and it is OK to make the directory unwritable. I do > not think we never intended to give such a promise, but there may be > a documentation bug that gives the wrong impression, which we may > have to fix. Actually, yeah, that's a useful outcome I can steelman out of this email: given that git init --shared has always introduced trivially exploitable security escalations, it should probably either be changed to use sane permissions or have its documentation changed to mention that, at least on base POSIX, using --shared to share a repository between multiple UIDs literally eliminates the purpose of having multiple UIDs.
Attachment:
signature.asc
Description: signature