Re: [PATCH v3 2/3] git-compat-util: avoid failing dir ownership checks if running privileged

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH v3 2/3] git-compat-util: avoid failing dir ownership checks if running privileged
From: Junio C Hamano <gitster@xxxxxxxxx>
Date: Fri, 06 May 2022 13:00:35 -0700
Cc: phillip.wood@xxxxxxxxxxxxx, Johannes Schindelin <Johannes.Schindelin@xxxxxx>, git@xxxxxxxxxxxxxxx, bagasdotme@xxxxxxxxx, Guy Maurel <guy.j@xxxxxxxxx>, SZEDER Gábor <szeder.dev@xxxxxxxxx>, Randall Becker <rsbecker@xxxxxxxxxxxxx>
In-reply-to: <CAPUEspiMsvNhQF-RjW5eu3Xco9gU7TFt4w9dOOcF1PGM4Z+ceQ@mail.gmail.com> (Carlo Arenas's message of "Fri, 6 May 2022 12:15:06 -0700")
References: <20220428105852.94449-1-carenas@gmail.com> <20220503065442.95699-1-carenas@gmail.com> <20220503065442.95699-3-carenas@gmail.com> <nycvar.QRO.7.76.6.2205051545370.355@tvgsbejvaqbjf.bet> <c9fc0fc6-c688-022d-9476-aaa87c66d295@gmail.com> <CAPUEspiMsvNhQF-RjW5eu3Xco9gU7TFt4w9dOOcF1PGM4Z+ceQ@mail.gmail.com>
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)

Carlo Arenas <carenas@xxxxxxxxx> writes:

> which is also why we can't use it, any possibly bogus or suspicious
> value we get from SUDO_UID MUST be ignored.

I do not think I agree.  If we have strange value in SUDO_UID, it
would be much better and safer to err on the safe side.  

Instead of ignoring, in the situation where we care about the value
we read from SUDO_UID (i.e. when euid==0), we should die loudly when
it has a strange value.

Follow-Ups:
- Re: [PATCH v3 2/3] git-compat-util: avoid failing dir ownership checks if running privileged
  - From: Carlo Arenas

References:
- [PATCH v2 0/3] fix `sudo make install` regression in maint
  - From: Carlo Marcelo Arenas Belón
- [PATCH v3 0/3] fix `sudo make install` regression in maint
  - From: Carlo Marcelo Arenas Belón
- [PATCH v3 2/3] git-compat-util: avoid failing dir ownership checks if running privileged
  - From: Carlo Marcelo Arenas Belón
- Re: [PATCH v3 2/3] git-compat-util: avoid failing dir ownership checks if running privileged
  - From: Johannes Schindelin
- Re: [PATCH v3 2/3] git-compat-util: avoid failing dir ownership checks if running privileged
  - From: Phillip Wood
- Re: [PATCH v3 2/3] git-compat-util: avoid failing dir ownership checks if running privileged
  - From: Carlo Arenas

Prev by Date: Re: [RFC PATCH 0/1] dir: consider worktree config in path recursion
Next by Date: Re: [PATCH v3 2/3] git-compat-util: avoid failing dir ownership checks if running privileged
Previous by thread: Re: [PATCH v3 2/3] git-compat-util: avoid failing dir ownership checks if running privileged
Next by thread: Re: [PATCH v3 2/3] git-compat-util: avoid failing dir ownership checks if running privileged
Index(es):
- Date
- Thread

[Index of Archives] [Linux Kernel Development] [Gcc Help] [IETF Annouce] [DCCP] [Netdev] [Networking] [Security] [V4L] [Bugtraq] [Yosemite] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Linux SCSI] [Fedora Users]