From: Joey Hess <id@joeyh•name>
To: Johannes Schindelin <Johannes.Schindelin@gmx•de>
Cc: Junio C Hamano <gitster@pobox•com>, git@vger•kernel.org
Subject: Re: [PATCH 00/12] Fix various overly aggressive protections in 2.45.1 and friends
Date: Mon, 27 May 2024 22:25:26 -0400
Message-ID: <ZlVAlr8GjN1-YRCK@kitenet.net>
In-Reply-To: <99225123-70f0-3546-a6fa-b6d1f981b41d@gmx.de>
Johannes Schindelin wrote:
> And there is a good reason _not_ to write stuff inside the `.git/`
> directory unless you happen to be, well, Git itself: Git makes no
> guarantees whatsoever that you can write into that directory whatever you
> want. A future Git version might even write a file `.git/annex`, breaking
> `git-annex`' assumptions, and that'd be totally within the guarantees Git
> makes.
Well git-annex is hardly the only program to decide to carve out
part of .git/ for its own use. For example, git-lfs uses .git/lfs/
rather similarly.
Anyway, I hope I can ask nicely and not have the git developers choose
to use .git/annex/ for something. Since it would cause a large amount of
pain to a large number of users, who would all have to rebase histories
of (often massive) git repos to update symlinks pointing there.
> No, the vulnerability that triggered this defense-in-depth was not
> CVE-2024-32021, but instead CVE-2024-32002, a critical security issue.
Ahh, thanks, I understand the concerns a little bit better now.
--
see shy jo