Re: [PATCH] Allow aliases to expand to shell commands

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Junio C Hamano <junkio@...>

Cc: Johannes Schindelin <Johannes.Schindelin@...>, <git@...>

Subject: Re: [PATCH] Allow aliases to expand to shell commands

Date: Sunday, February 11, 2007 - 11:56 pm

On Sun, Feb 11, 2007 at 01:44:25PM -0800, Junio C Hamano wrote:
quoted text> Theodore Tso <tytso@mit.edu> writes:
> 
> > ..., I think we're
> > still safe, since aliases can't override commands.  
> 
> I feel a bit uneasy to hear safety argument based on that
> current restriction, since we might want to loosen it later.

Loosen which restriction?

1) The ability for aliases to shadow existing git commands?
2) The ability for untrusted users to make arbitrary changes to the 
      config file?
3) The ability for untrusted users to execute arbitrary git commands via 
      git-shell?

You hjave to loosen at least 2 of the 3 current restrictions before
the ability to execute shell commands out of aliases becomes a problem
--- and I would argue that either (2) or (3) are things that we would
be insane to loosen at least to the point of allowing untrusted users
to make arbitrary changes to the config or execute arbitrary git
commands, since even today, they could do a huge amount of damage
already.

						- Ted
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Git rescue mission, Bill Lear, (Wed Feb 7, 8:18 pm)

Re: Git rescue mission, Linus Torvalds, (Thu Feb 8, 1:27 pm)

Re: Git rescue mission, Kalle Pokki, (Thu Feb 8, 4:12 pm)

Re: Git rescue mission, Linus Torvalds, (Thu Feb 8, 5:23 pm)

Re: Git rescue mission, Kalle Pokki, (Thu Feb 8, 6:03 pm)

Re: Git rescue mission, Shawn O. Pearce, (Thu Feb 8, 6:10 pm)

Re: Git rescue mission, Kalle Pokki, (Fri Feb 9, 3:21 pm)

Re: Git rescue mission, Theodore Tso, (Thu Feb 8, 9:48 pm)

Re: Git rescue mission, Shawn O. Pearce, (Thu Feb 8, 9:58 pm)

Re: Git rescue mission, Theodore Ts'o, (Sat Feb 10, 12:05 pm)

[PATCH] Print a sane error message if an alias expands to an..., Theodore Ts'o, (Sat Feb 10, 12:05 pm)

Re: [PATCH] Print a sane error message if an alias expands t..., Junio C Hamano, (Sat Feb 10, 12:50 pm)

[PATCH] Allow aliases to expand to shell commands, Theodore Ts'o, (Sat Feb 10, 12:05 pm)

Re: [PATCH] Allow aliases to expand to shell commands, Theodore Tso, (Sat Feb 10, 2:13 pm)

Re: [PATCH] Allow aliases to expand to shell commands, Johannes Schindelin, (Sat Feb 10, 4:34 pm)

Re: [PATCH] Allow aliases to expand to shell commands, Theodore Tso, (Sat Feb 10, 8:13 pm)

Re: [PATCH] Allow aliases to expand to shell commands, Johannes Schindelin, (Sun Feb 11, 12:03 pm)

Re: [PATCH] Allow aliases to expand to shell commands, Theodore Tso, (Sun Feb 11, 12:21 pm)

Re: [PATCH] Allow aliases to expand to shell commands, Junio C Hamano, (Sun Feb 11, 5:44 pm)

Re: [PATCH] Allow aliases to expand to shell commands, Theodore Tso, (Sun Feb 11, 11:56 pm)

Re: [PATCH] Allow aliases to expand to shell commands, Shawn O. Pearce, (Mon Feb 12, 2:53 am)

Re: [PATCH] Allow aliases to expand to shell commands, Johannes Schindelin, (Sun Feb 11, 6:03 pm)

Re: [PATCH] Allow aliases to expand to shell commands, Johannes Schindelin, (Sun Feb 11, 12:36 pm)

Re: [PATCH] Allow aliases to expand to shell commands, Linus Torvalds, (Sat Feb 10, 2:04 pm)

Re: Git rescue mission, Bill Lear, (Thu Feb 8, 5:57 pm)

Re: Git rescue mission, Linus Torvalds, (Thu Feb 8, 6:13 pm)

Re: Git rescue mission, Junio C Hamano, (Fri Feb 9, 12:38 am)

Re: Git rescue mission, Bill Lear, (Thu Feb 8, 7:25 pm)

Re: Git rescue mission, Linus Torvalds, (Thu Feb 8, 7:46 pm)

Re: Git rescue mission, Shawn O. Pearce, (Thu Feb 8, 7:33 pm)

Re: Git rescue mission, Bill Lear, (Thu Feb 8, 7:40 pm)

Re: Git rescue mission, Linus Torvalds, (Thu Feb 8, 8:17 pm)

Re: Git rescue mission, Michael S. Tsirkin, (Fri Feb 9, 4:58 am)

Re: Git rescue mission, Jakub Narebski, (Thu Feb 8, 8:03 pm)

Re: Git rescue mission, Shawn O. Pearce, (Thu Feb 8, 7:50 pm)

Re: Git rescue mission, Bill Lear, (Thu Feb 8, 6:33 pm)

Re: Git rescue mission, Jakub Narebski, (Thu Feb 8, 6:29 pm)

Re: Git rescue mission, Johannes Schindelin, (Wed Feb 7, 8:22 pm)

Re: Git rescue mission, Bill Lear, (Wed Feb 7, 8:24 pm)

Re: Git rescue mission, Johannes Schindelin, (Wed Feb 7, 8:25 pm)

Re: Git rescue mission, Bill Lear, (Wed Feb 7, 8:34 pm)

Re: Git rescue mission, Junio C Hamano, (Wed Feb 7, 8:48 pm)

Re: Git rescue mission, Alexander Litvinov, (Thu Feb 8, 12:28 am)

Re: Git rescue mission, Junio C Hamano, (Thu Feb 8, 8:53 pm)

Re: Git rescue mission, Alexander Litvinov, (Thu Feb 8, 11:32 pm)

Re: Git rescue mission, Bill Lear, (Thu Feb 8, 11:27 am)

Re: Git rescue mission, Jeff King, (Thu Feb 8, 7:24 pm)

Re: Git rescue mission, Bill Lear, (Thu Feb 8, 7:32 pm)


linux-kernel:
Greg KH	[GIT PATCH] driver core patches against 2.6.24
david	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
David Woodhouse	[PATCH 1/3] firmware: allow firmware files to be built into kernel image
Peter Zijlstra	[PATCH 00/23] per device dirty throttling -v8
git:

linux-netdev:
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Josip Rodin	bnx2_poll panicking kernel
Patrick McHardy	Re: [GIT]: Networking
openbsd-misc: