From: Theodore Tso <tytso@mit.edu>
To: Junio C Hamano <junkio@cox.net>
Cc: Johannes Schindelin <Johannes.Schindelin@gmx.de>, git@vger.kernel.org
Subject: Re: [PATCH] Allow aliases to expand to shell commands
Date: Sun, 11 Feb 2007 22:56:24 -0500 [thread overview]
Message-ID: <20070212035613.GA18010@thunk.org> (raw)
In-Reply-To: <7vy7n4cqti.fsf@assigned-by-dhcp.cox.net>
On Sun, Feb 11, 2007 at 01:44:25PM -0800, Junio C Hamano wrote:
> Theodore Tso <tytso@mit.edu> writes:
>
> > ..., I think we're
> > still safe, since aliases can't override commands.
>
> I feel a bit uneasy to hear safety argument based on that
> current restriction, since we might want to loosen it later.
Loosen which restriction?
1) The ability for aliases to shadow existing git commands?
2) The ability for untrusted users to make arbitrary changes to the
config file?
3) The ability for untrusted users to execute arbitrary git commands via
git-shell?
You hjave to loosen at least 2 of the 3 current restrictions before
the ability to execute shell commands out of aliases becomes a problem
--- and I would argue that either (2) or (3) are things that we would
be insane to loosen at least to the point of allowing untrusted users
to make arbitrary changes to the config or execute arbitrary git
commands, since even today, they could do a huge amount of damage
already.
- Ted
next prev parent reply other threads:[~2007-02-12 6:39 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-02-08 0:18 Git rescue mission Bill Lear
2007-02-08 0:22 ` Johannes Schindelin
2007-02-08 0:24 ` Bill Lear
2007-02-08 0:25 ` Johannes Schindelin
2007-02-08 0:34 ` Bill Lear
2007-02-08 0:48 ` Junio C Hamano
2007-02-08 4:28 ` Alexander Litvinov
2007-02-09 0:53 ` Junio C Hamano
2007-02-09 3:32 ` Alexander Litvinov
2007-02-08 15:27 ` Bill Lear
2007-02-08 15:56 ` Jakub Narebski
2007-02-08 23:24 ` Jeff King
2007-02-08 23:32 ` Bill Lear
2007-02-08 17:27 ` Linus Torvalds
2007-02-08 20:12 ` Kalle Pokki
2007-02-08 21:23 ` Linus Torvalds
2007-02-08 22:03 ` Kalle Pokki
2007-02-08 22:10 ` Shawn O. Pearce
2007-02-09 1:48 ` Theodore Tso
2007-02-09 1:58 ` Shawn O. Pearce
2007-02-09 2:01 ` Jakub Narebski
2007-02-10 16:05 ` Theodore Ts'o
2007-02-10 16:05 ` [PATCH] Print a sane error message if an alias expands to an invalid git command Theodore Ts'o
2007-02-10 16:05 ` [PATCH] Allow aliases to expand to shell commands Theodore Ts'o
2007-02-10 18:04 ` Linus Torvalds
2007-02-10 18:13 ` Theodore Tso
2007-02-10 20:34 ` Johannes Schindelin
2007-02-11 0:13 ` Theodore Tso
2007-02-11 16:03 ` Johannes Schindelin
2007-02-11 16:21 ` Theodore Tso
2007-02-11 16:36 ` Johannes Schindelin
2007-02-11 21:44 ` Junio C Hamano
2007-02-11 22:03 ` Johannes Schindelin
2007-02-12 3:56 ` Theodore Tso [this message]
2007-02-12 6:53 ` Shawn O. Pearce
2007-02-10 16:50 ` [PATCH] Print a sane error message if an alias expands to an invalid git command Junio C Hamano
2007-02-09 19:21 ` Git rescue mission Kalle Pokki
2007-02-08 21:57 ` Bill Lear
2007-02-08 22:13 ` Linus Torvalds
2007-02-08 22:33 ` Bill Lear
2007-02-08 23:25 ` Bill Lear
2007-02-08 23:33 ` Shawn O. Pearce
2007-02-08 23:40 ` Bill Lear
2007-02-08 23:50 ` Shawn O. Pearce
2007-02-09 0:03 ` Jakub Narebski
2007-02-09 0:17 ` Linus Torvalds
2007-02-09 8:58 ` Michael S. Tsirkin
2007-02-08 23:38 ` Jakub Narebski
2007-02-08 23:46 ` Linus Torvalds
2007-02-09 4:38 ` Junio C Hamano
2007-02-08 22:29 ` Jakub Narebski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070212035613.GA18010@thunk.org \
--to=tytso@mit.edu \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=junkio@cox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.