On 26/06/2024 16:19, rsbecker@xxxxxxxxxxxxx wrote:
On Wednesday, June 26, 2024 9:12 AM, Phillip Wood wrote:
On 26/06/2024 13:33, Florian Schmaus wrote:
An alternative would be to allow safe.directory to be specified on the command line
with "git -c safe.directory='*' daemon ..." rather than adding a dedicated
environment variable. Or you could set $HOME to a suitable directory when
running "git daemon" and put the user-global config file there. That directory and
config file only need to be readable by the user that "git daemon" is running under it
can be owned by root or whoever else you want.
I agree with this alternative. Our CI build environment already has so many environment variables (not just from git but all dependencies and the CI environment itself) that we are pushing the 56Kb platform limit (not kidding). Reducing dependence on environment variables is, in my opinion, a good and necessary thing.
"git -c" still ends up setting an environment variable internally to
ensure that the config setting is passed down to any child processes.
The advantage is that we're re-using an existing mechanism rather than
introducing a new environment variable.
Best Wishes
Phillip
If the environment variable GIT_IGNORE_INSECURE_OWNER is set to true,
then ignore potentially insecure ownership of git-related path
components.
Signed-off-by: Florian Schmaus <flo@xxxxxxxxxxxx>
---
setup.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/setup.c b/setup.c
index 3afa6fb09b28..da3f504fb536 100644
--- a/setup.c
+++ b/setup.c
@@ -1278,6 +1278,14 @@ static int ensure_valid_ownership(const char *gitfile,
*/
git_protected_config(safe_directory_cb, &data);
+ if (data.is_safe)
+ return data.is_safe;
+
+ if (git_env_bool("GIT_IGNORE_INSECURE_OWNER", 0)) {
+ warning("ignoring dubious ownership in repository at '%s'
(GIT_IGNORE_INSECURE_OWNER set)", data.path);
+ return 1;
+ }
+
return data.is_safe;
}
Sincerely
--Randall
