diff options
| author | Johannes Schindelin <johannes.schindelin@gmx.de> | 2022-06-23 12:35:23 +0200 |
|---|---|---|
| committer | Johannes Schindelin <johannes.schindelin@gmx.de> | 2022-06-23 12:35:23 +0200 |
| commit | 2f8809f9a1838eb607f14097dcd63071f2eb00fe (patch) | |
| tree | 35cf8fe9c40e60bf331e3bf5f47dd1a80b0251ae /Documentation | |
| parent | 09f66d65f87e0a547c186e4027368a826a965256 (diff) | |
| parent | 88b7be68a4bf9f39b84ed438d8d776c0d752b316 (diff) | |
| download | git-2f8809f9a1838eb607f14097dcd63071f2eb00fe.tar.gz | |
Sync with 2.30.5
* maint-2.30:
Git 2.30.5
setup: tighten ownership checks post CVE-2022-24765
git-compat-util: allow root to access both SUDO_UID and root owned
t0034: add negative tests and allow git init to mostly work under sudo
git-compat-util: avoid failing dir ownership checks if running privileged
t: regression git needs safe.directory when using sudo
Diffstat (limited to 'Documentation')
| -rw-r--r-- | Documentation/RelNotes/2.30.5.txt | 12 | ||||
| -rw-r--r-- | Documentation/config/safe.txt | 14 |
2 files changed, 26 insertions, 0 deletions
diff --git a/Documentation/RelNotes/2.30.5.txt b/Documentation/RelNotes/2.30.5.txt new file mode 100644 index 0000000000..5191cab3ae --- /dev/null +++ b/Documentation/RelNotes/2.30.5.txt @@ -0,0 +1,12 @@ +Git v2.30.5 Release Notes +========================= + +This release contains minor fix-ups for the changes that went into +Git 2.30.3 and 2.30.4, addressing CVE-2022-29187. + + * The safety check that verifies a safe ownership of the Git + worktree is now extended to also cover the ownership of the Git + directory (and the `.git` file, if there is any). + +Carlo Marcelo Arenas Belón (1): + setup: tighten ownership checks post CVE-2022-24765 diff --git a/Documentation/config/safe.txt b/Documentation/config/safe.txt index 6d764fe0cc..74627c5e7c 100644 --- a/Documentation/config/safe.txt +++ b/Documentation/config/safe.txt @@ -26,3 +26,17 @@ directory was listed in the `safe.directory` list. If `safe.directory=*` is set in system config and you want to re-enable this protection, then initialize your list with an empty value before listing the repositories that you deem safe. ++ +As explained, Git only allows you to access repositories owned by +yourself, i.e. the user who is running Git, by default. When Git +is running as 'root' in a non Windows platform that provides sudo, +however, git checks the SUDO_UID environment variable that sudo creates +and will allow access to the uid recorded as its value in addition to +the id from 'root'. +This is to make it easy to perform a common sequence during installation +"make && sudo make install". A git process running under 'sudo' runs as +'root' but the 'sudo' command exports the environment variable to record +which id the original user has. +If that is not what you would prefer and want git to only trust +repositories that are owned by root instead, then you can remove +the `SUDO_UID` variable from root's environment before invoking git. |