git-daemon is insecure? (was: [RFC] Secure central repositories)

From: Shawn O. Pearce
Date: Sunday, January 27, 2008 - 5:16 pm

Junio C Hamano <gitster@pobox.com> wrote:
[...]

So you are partially suggesting that git-daemon isn't thought to
be secure, and that anything readable by the user that git-daemon
is running as is fully exposed to the public Internet.  So the
access control attempts relating to --base-path or the check for
git-daemon-export-ok shouldn't really be trusted or relied upon.

If that really is the case, perhaps git-daemon should be audited
and hardened further.  Last I checked, we encouraged people to run
it to offer anonymous access to repositories, and the documentation
suggests there are publishing access controls that actually work.
If those controls cannot be trusted then we shouldn't encourage
running git-daemon on untrusted networks.


With regards to this patch, yes, you can export your entire $HOME
and maybe expose things you shouldn't or didn't want to.  But even
without git installed you could do this:

	cp /bin/bash /tmp/be-like-mike
	chown $USER /tmp/be-like-mike
	chmod 777 /tmp/be-like-mike
	chmod u+s /tmp/be-like-mike
	wall "try out /tmp/be-like-mike today"

but why would anyone do something that foolish?  UNIX provides the
tools to do this, because there are cases where it can be useful,
but really, you have to be nuts to export all of $HOME.

-- 
Shawn.
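
An added example, not part of the original message or of git's own code: a small audit that lists which git directories under a --base-path carry the git-daemon-export-ok marker discussed above. It assumes the daemon runs without --export-all and without a narrower directory whitelist; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report what a git-daemon started with --base-path=BASE
# would be willing to serve, judged by the git-daemon-export-ok marker.
# Assumption: the daemon is NOT started with --export-all.

# A directory is treated as a git dir if it has HEAD, objects/ and refs/.
is_git_dir() {
    [ -f "$1/HEAD" ] && [ -d "$1/objects" ] && [ -d "$1/refs" ]
}

# Print one sorted line per git dir found under BASE:
#   "EXPORTED <dir>"      marker file present, daemon will serve it
#   "not-exported <dir>"  marker file absent, daemon will refuse it
audit_exports() {
    base=$1
    # Every git dir has a HEAD file; other HEAD files (logs/HEAD,
    # refs/remotes/*/HEAD) are filtered out by is_git_dir.
    find "$base" -type f -name HEAD 2>/dev/null |
    while IFS= read -r head; do
        dir=${head%/HEAD}
        is_git_dir "$dir" || continue
        if [ -e "$dir/git-daemon-export-ok" ]; then
            echo "EXPORTED $dir"
        else
            echo "not-exported $dir"
        fi
    done | sort
}

# Number of git dirs under BASE that carry the export marker.
count_exported() {
    audit_exports "$1" | grep -c '^EXPORTED ' || true
}

# Stand-alone use: sh audit.sh /path/to/base
if [ $# -gt 0 ]; then
    audit_exports "$1"
fi
```

Comparing the EXPORTED lines against the list of repositories that are meant to be public shows any marker left behind in a non-bare repository's .git directory or in a repository that was never intended for anonymous access.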
