mirrors/git
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'bc/allow-upload-pack-from-other-people'

Browse Source 
Loosen overly strict ownership check introduced in the recent past,
to keep the promise "cloning a suspicious repository is a safe
first step to inspect it".

* bc/allow-upload-pack-from-other-people:
  Allow cloning from repositories owned by another user
This commit is contained in:
Junio C Hamano
2024-12-10 10:04:55 +09:00
parent 9cd1e2e1a0 0ffb5a6bf1
commit 35f40385e4
7 changed files with 49 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
daemon.c
View File

@ -152,6 +152,7 @@ static const char *path_ok(const char *directory, struct hostinfo *hi)
size_t rlen;
const char *path;
const char *dir;
unsigned enter_repo_flags;
dir = directory;
@ -242,14 +243,15 @@ static const char *path_ok(const char *directory, struct hostinfo *hi)
dir = rpath;
}
path = enter_repo(dir, strict_paths);
enter_repo_flags = strict_paths ? ENTER_REPO_STRICT : 0;
path = enter_repo(dir, enter_repo_flags);
if (!path && base_path && base_path_relaxed) {
/*
* if we fail and base_path_relaxed is enabled, try without
* prefixing the base path
*/
dir = directory;
path = enter_repo(dir, strict_paths);
path = enter_repo(dir, enter_repo_flags);
}
if (!path) {