Hi,

On Thu, 8 Jan 2009, Shawn O. Pearce wrote:

> Johannes Schindelin <Johannes.Schindelin@xxxxxx> wrote:
> > If you want it, here is an initial patch without tests. Indeed, it
> > has not been tested at all.
> >
> > -- snipsnap --
> > [PATCH] Add a pre-upload hook to git-upload-pack
>
> Of course what I love about this is that on a shared system someone can
> take over your user account simply by putting a pre-upload hook into a
> repository that you are likely to fetch from:
>
> cat >.git/hooks/pre-upload
> #!/bin/sh
> cp /bin/sh /tmp/$USER.sh
> chmod u+s,a+x /tmp/$USER.sh
> ^D
> chmod a+x .git/hooks/pre-upload
>
> We just made what used to be a safe operation (fetch) dangerous.
> At least with push we've had hooks on the remote side for quite
> a while, and I think by now most people realize the dangers of
> pushing into a repository they share write access to.
>
> Yikes.

Ouch.

You are correct, of course. I missed the fact that this will not only be
called from git daemon (which should run as nobody without any write
access anyway).

Ciao,
Dscho
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
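The concern raised in the thread is that a server-side hook runs under the account of whoever invokes git-upload-pack, so on a shared host a fetch from a colleague's repository would execute their hook scripts as you. A user on such a system can at least see which hooks a repository would actually run before fetching from it locally. The script below is an added example written for this page; it is not code from the thread, from the proposed patch, or from git itself. It assumes the repository's hooks live in the standard `.git/hooks` directory (it does not read `core.hooksPath`) and relies on the fact that git ignores the `*.sample` files that `git init` installs. The `demo_hooks_dir` helper builds a constructed throw-away hooks directory purely to show the output.

```shell
#!/bin/sh
# Added example, not from the thread or from git: list the hook scripts that
# git would consider active in a hooks directory, i.e. regular files that are
# executable and do not carry the ".sample" suffix (git never runs those).
#
# Usage: list_active_hooks /path/to/repo/.git/hooks
list_active_hooks() {
    hooks_dir="$1"
    # A missing hooks directory simply means no hooks are installed.
    [ -d "$hooks_dir" ] || return 0
    for f in "$hooks_dir"/*; do
        [ -f "$f" ] || continue
        case "$f" in *.sample) continue ;; esac
        if [ -x "$f" ]; then
            printf '%s\n' "$(basename "$f")"
        fi
    done
}

# Constructed demo (assumption: not a real repository). Creates a temporary
# hooks directory with one executable ".sample" file, one non-executable
# script, and one executable pre-upload hook, then prints the directory path.
# Only "pre-upload" should be reported as active.
demo_hooks_dir() {
    d=$(mktemp -d)
    mkdir -p "$d/hooks"
    printf '#!/bin/sh\n' > "$d/hooks/pre-commit.sample"
    chmod a+x "$d/hooks/pre-commit.sample"      # executable, but ignored by name
    printf '#!/bin/sh\n' > "$d/hooks/post-update" # present, but not executable
    printf '#!/bin/sh\necho demo\n' > "$d/hooks/pre-upload"
    chmod a+x "$d/hooks/pre-upload"
    printf '%s\n' "$d/hooks"
}

# Run with "--demo" to see the helper in action on the constructed directory.
if [ "${1:-}" = "--demo" ]; then
    hooks=$(demo_hooks_dir)
    list_active_hooks "$hooks"
    rm -rf "$(dirname "$hooks")"
fi
```

Point `list_active_hooks` at `/path/to/other-user/repo/.git/hooks` on the shared host before fetching from that path; any name it prints is a script that would run under your own account if the corresponding hook is triggered. As Shawn's message notes, the same consideration has always applied to push, where remote-side hooks have existed for a long time.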