Re: How to use git attributes to configure server-side checks?

[Michael Haggerty <mhagger@alum.mit.edu>]

On 09/23/2011 09:33 PM, Jeff King wrote:
> [1] I really wish we had an elegant way of versioning meta-information
>     about a repository (like config, info/attributes, etc). I've hacked
>     around this before by having a special meta-branch for each repo,
>     checkout it out in an alternate directory, and then symlinking bits
>     of it into .git. But that's kind of ugly, too.
> 
>     I'm not sure what a good solution would look like. There's a real
>     can of worms with respect to picking and choosing local versus
>     remote bits of meta-information, with some security implications.

This could be implemented by having a single local config option that
enables the use of an in-tree .gitconfig file:

    git config core.useTreeConfig true

(or whatever the correct naming convention would be).  This option would
default to false, so the in-tree config would only occur following an
affirmative decision by the cloner.

If finer granularity is required, config options could be classified
into "security-relevant" and "non-security-relevant" options, where the
former group basically includes anything that can cause arbitrary code
to be executed.  Then there could be a "core.useTreeConfig = safeonly"
option to allow only the harmless options.

I think the priority of config options (highest to lowest) should be

       $GIT_DIR/config
       in-tree .gitconfig
       ~/.gitconfig
       $(prefix)/etc/gitconfig

Of course, just like for attributes, it would have to be decided which
version of the .gitconfig to use in which situations.

Michael

-- 
Michael Haggerty
mhagger@alum.mit.edu
http://softwareswirl.blogspot.com/