Hello!
It might be important for your debugging work.
I introduce a new file /root/.gitconfig
-rw-r--r-- 1 root root 57 Apr 25 17:03 .gitconfig
with
[safe]
directory = /home/guy/Software/uncrustify
And the call works pretty well:
uncrustify/build $ sudo ~/Software/Git/2.36.0/tar-gz/git-2.36.0/git-describe
uncrustify-0.74.0-315-ga3466c92
Thanks for helping!
guy
Am 25.04.22 um 10:40 schrieb Carlo Marcelo Arenas Belón:
On Mon, Apr 25, 2022 at 12:02:45AM -0700, Carlo Marcelo Arenas Belón wrote:
On Sun, Apr 24, 2022 at 11:39:27PM -0700, Junio C Hamano wrote:
Carlo Marcelo Arenas Belón <carenas@xxxxxxxxx> writes:
At that point, though you might as well excempt root from this check
But "root" or any higher-valued account is what needs this kind of
protection the most, no?
correct, and I didn't meant to excempt root from the protection, but
from the check that requires that the config file ownership matches.
if the config file is owned by root, we already lost, regardless of what
uid git is running as.
apologies for my confusing english, hopefully this C is clearer
diff --git a/git-compat-util.h b/git-compat-util.h
index 58fd813bd01..6a385be7d1d 100644
--- a/git-compat-util.h
+++ b/git-compat-util.h
@@ -440,9 +440,19 @@ static inline int git_offset_1st_component(const char *path)
static inline int is_path_owned_by_current_uid(const char *path)
{
struct stat st;
+ uid_t euid;
+
if (lstat(path, &st))
return 0;
- return st.st_uid == geteuid();
+
+ euid = geteuid();
+ if (!euid && st.st_uid && isatty(0)) {
+ struct stat ttyst;
+ if (!stat(ttyname(0), &ttyst))
+ euid = ttyst.st_uid;
+ }
+
+ return st.st_uid == euid;
}
#define is_path_owned_by_current_user is_path_owned_by_current_uid
it uses stdin instead not to fall in the issue that was raised by
Gábor, but I am affraid that it might need to check all stdnandles for
a valid tty to be safe, and it looking even more complex.
Carlo
--
Guy Maurel
Sebastian-Fischer-Weg 13
89077 Ulm