"Glen Choo via GitGitGadget" <gitgitgadget@xxxxxxxxx> writes: > From: Glen Choo <chooglen@xxxxxxxxxx> > > For security reasons, there are config variables that are only trusted > when they are specified in extra-trustworthy configuration scopes, which Probably better to delete "extra-trustworthy", or at least "extra-" - it's better to explain why and how they're trustworthy, which you have already done in the commit message. > diff --git a/Documentation/git-config.txt b/Documentation/git-config.txt > index 5e4c95f2423..2b4334faec9 100644 > --- a/Documentation/git-config.txt > +++ b/Documentation/git-config.txt [snip] > +Protected config refers to the 'system', 'global', and 'command' scopes. Git > +considers these scopes to be especially trustworthy because they are likely > +to be controlled by the user or a trusted administrator. An attacker who > +controls these scopes can do substantial harm without using Git, so it is > +assumed that the user's environment protects these scopes against attackers. > + > +For security reasons, certain options are only respected when they are > +specified in protected config, and ignored otherwise. Also "especially trustworthy" here.
