On Wed Oct 30, 2024 at 11:23 PM CDT, Michael Orlitzky wrote: > If I create a new repository as root, > > $ sudo git init > Initialized empty Git repository in /home/mjo/tmp/.git/ > > $ ls -alh > total 12K > drwxr-xr-x 3 mjo mjo 4.0K 2024-10-31 00:09 . > drwxr-x--- 17 mjo mjo 4.0K 2024-10-31 00:07 .. > drwxr-xr-x 6 root root 4.0K 2024-10-31 00:09 .git > > and attempt to do anything in it, I get a safe.directory warning: > > $ git status > fatal: detected dubious ownership in repository at '/home/mjo/tmp' > ... > > Does that make sense? In terms of ownership, root:root is as safe as > it gets. > > I'm aware that safe.directory is only scratching the surface of these > "doing things in a directory that someone else can write to" exploits, > but within the limited scope of this one feature, root ownership does > not strike me as particularly dubious. The dubious ownership check simply reports that the directory is owned by someone other than the user running the command, with no special handling for the root user. While the error might not make the most sense in this context, I'm not sure that it's worth special-casing the root user (really the user with id = 0 as it might not be named `root`) in the implementation. Why would you initialize a repository as `root` in the first place? Best, Caleb
