kernel
/
git
mirror of https://git.kernel.org/pub/scm/git/git.git
1
0
Fork 0
Code Releases Activity
Browse Source

setup: opt-out of check with safe.directory=* 

With the addition of the safe.directory in 8959555ce
(setup_git_directory(): add an owner check for the top-level directory,
2022-03-02) released in v2.35.2, we are receiving feedback from a
variety of users about the feature.

Some users have a very large list of shared repositories and find it
cumbersome to add this config for every one of them.

In a more difficult case, certain workflows involve running Git commands
within containers. The container boundary prevents any global or system
config from communicating `safe.directory` values from the host into the
container. Further, the container almost always runs as a different user
than the owner of the directory in the host.

To simplify the reactions necessary for these users, extend the
definition of the safe.directory config value to include a possible '*'
value. This value implies that all directories are safe, providing a
single setting to opt-out of this protection.

Note that an empty assignment of safe.directory clears all previous
values, and this is already the case with the "if (!value || !*value)"
condition.

Signed-off-by: Derrick Stolee <derrickstolee@github.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
maint
Derrick Stolee 3 years ago committed by Junio C Hamano
parent
bb50ec3cc3
commit
0f85c4a30b
3 changed files with 21 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      Documentation/config/safe.txt
  2. 6
      setup.c
  3. 10
      t/t0033-safe-directory.sh

7
Documentation/config/safe.txt
Unescape View File

@ -19,3 +19,10 @@ line option `-c safe.directory=<path>`.
The value of this setting is interpolated, i.e. `~/<path>` expands to a The value of this setting is interpolated, i.e. `~/<path>` expands to a
path relative to the home directory and `%(prefix)/<path>` expands to a path relative to the home directory and `%(prefix)/<path>` expands to a
path relative to Git's (runtime) prefix. path relative to Git's (runtime) prefix.
+
To completely opt-out of this security check, set `safe.directory` to the
string `*`. This will allow all repositories to be treated as if their
directory was listed in the `safe.directory` list. If `safe.directory=*`
is set in system config and you want to re-enable this protection, then
initialize your list with an empty value before listing the repositories
that you deem safe.

6
setup.c
Unescape View File

@ -1037,9 +1037,11 @@ static int safe_directory_cb(const char *key, const char *value, void *d)
if (strcmp(key, "safe.directory")) if (strcmp(key, "safe.directory"))
return 0; return 0;


if (!value || !*value) if (!value || !*value) {
data->is_safe = 0; data->is_safe = 0;
else { } else if (!strcmp(value, "*")) {
data->is_safe = 1;
} else {
const char *interpolated = NULL; const char *interpolated = NULL;


if (!git_config_pathname(&interpolated, key, value) && if (!git_config_pathname(&interpolated, key, value) &&

10
t/t0033-safe-directory.sh
Unescape View File

@ -36,4 +36,14 @@ test_expect_success 'safe.directory matches, but is reset' '
expect_rejected_dir expect_rejected_dir
' '


test_expect_success 'safe.directory=*' '
git config --global --add safe.directory "*" &&
git status
'

test_expect_success 'safe.directory=*, but is reset' '
git config --global --add safe.directory "" &&
expect_rejected_dir
'

test_done test_done

Write Preview
Loading…
Cancel
Save