On Sun, Apr 24, 2022 at 11:39:27PM -0700, Junio C Hamano wrote: > Carlo Marcelo Arenas Belón <carenas@xxxxxxxxx> writes: > > > At that point, though you might as well excempt root from this check > > But "root" or any higher-valued account is what needs this kind of > protection the most, no? correct, and I didn't meant to excempt root from the protection, but from the check that requires that the config file ownership matches. if the config file is owned by root, we already lost, regardless of what uid git is running as. FWIW the proposed change doesn't weaken the current protection, it just allows a git process that is running as root (through sudo) to figure out what real user was the terminal session running as, so it wouldn't incorrectly triggeer an error. > The protection is *not* about people > knowingly accessing their own repository via "root", nope, but the regression that was described by the original post is Carlo
