Jeff King <peff@xxxxxxxx> writes:

> On Mon, Oct 05, 2020 at 03:17:51AM -0400, Jeff King wrote:
>
>> About 2 years ago as part of a security release we made it illegal to
>> have a symlinked .gitmodules file (refusing it both in the index and via
>> fsck). At the time we discussed (on the security list) outlawing
>> symlinks for other .git files in the same way, but we decided not to do
>> so as part of the security release, as it wasn't strictly necessary.
>>
>> We publicly revisited the topic in:
>>
>> https://lore.kernel.org/git/20190114230902.GG162110@xxxxxxxxxx/
>>
>> but there were a few fixes needed, and it got forgotten. So here it is
>> again, with those fixes:
>> [...]
>
> And here's a v2 incorporating feedback from Jonathan. There are no
> substantial changes in the code. Most of the fixes are cosmetic, but the
> tests are beefed up a bit, as well:
>
>   - we now test that ntfs and hfs names are matched via fsck and
>     verify_path() for all file types. The bulk of this is in a new patch
>     5, and the final patches are adjusted to use the new helper.
>
>   - we confirm that read-tree doesn't write the forbidden entry into the
>     index (in addition to seeing that it complains)
>
>   - the test script name is now "bad-dotgitx" instead of the vague
>     "bad-meta-files"
>
>   - whitespace, typo-fixes, clarity, etc; the range diff is below

Thanks for a pleasant read. Will queue.