kernel
/
git
mirror of https://git.kernel.org/pub/scm/git/git.git
1
0
Fork 0
Code Releases Activity
Browse Source

documentation: add git:// transport security notice 

The fact that the git:// transport does no authentication is easily
overlooked.  For example, DNS poisoning may result in fetching from
somewhere that was not intended.

Add a brief security notice to the "GIT URLS" section
of the documentation stating that the git transport should be used
with caution on unsecured networks.

Signed-off-by: Fraser Tweedale <frase@frase.id.au>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
maint
Fraser Tweedale 12 years ago committed by Junio C Hamano
parent
c0add3073a
commit
20618016df
1 changed files with 3 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      Documentation/urls.txt

3
Documentation/urls.txt
Unescape View File

@ -11,6 +11,9 @@ and ftps can be used for fetching and rsync can be used for fetching @@ -11,6 +11,9 @@ and ftps can be used for fetching and rsync can be used for fetching
and pushing, but these are inefficient and deprecated; do not use
them).

The native transport (i.e. git:// URL) does no authentication and
should be used with caution on unsecured networks.

The following syntaxes may be used with them:

- ssh://{startsb}user@{endsb}host.xz{startsb}:port{endsb}/path/to/repo.git/

Write Preview
Loading…
Cancel
Save