Stefan Beller <sbeller@xxxxxxxxxx> writes: > There was a recent thread (which I assumed was the one I linked), that talked > about security implications as soon as we loose the rather strict "git > is to be used > in a posix world", e.g. sharing your repo over NFS/Dropbox. The > specific question > that Peff asked was how the internal formats can be exploited. (Can a malicious > index file be crafted such that it is not just a segfault, but a > 'remote' code execution, > given that you deploy the maliciously crafted file via NFS. Removing checks that > we already have made me a bit suspicious that it *may* be helping an > attacker here, > though I have no hard data to show) > > Sorry for the confusion, Thanks for an explanation, as I had the same reaction as Dscho initially. I'd assumed that the worst would be to create a wrong state (e.g. the same path registered twice with different contents in the index, a malformed tree written out of it, etc.), but that's merely an assumption not the result of an audit.