From: "Randall S. Becker" <rsbecker@nexbridge.com>
To: "'Junio C Hamano'" <gitster@pobox.com>
Cc: "'Bryan Turner'" <bturner@atlassian.com>,
"'Git Users'" <git@vger.kernel.org>
Subject: RE: [Best Practices Request] clean/smudge configuration
Date: Fri, 11 May 2018 15:25:32 -0400 [thread overview]
Message-ID: <001601d3e95d$d76272a0$862757e0$@nexbridge.com> (raw)
In-Reply-To: <xmqq7eobhqpi.fsf@gitster-ct.c.googlers.com>
On May 10, 2018 10:27 PM, Junio C Hamano wrote:
> "Randall S. Becker" <rsbecker@nexbridge.com> writes:
>
> > What if we create a ../.gitconfig like ../.gitattributes, that is
> > loaded before .git/config?
>
> You should not forget one of the two reasons why clean/smudge/diff etc.
> drivers must be given with a step of redirection, split between attributes and
> config. "This path holds text from ancient macs" at the logical level may be
> expressed in .gitattributes, and then "when checking out text from ancient
> macs, process the blob data with this program to turn it into a form suitable
> for working tree" is given as a smudge filter program, that is (1) suitable for
> the platform _you_ as the writer of the config file is using *AND* (2)
> something you are confortable running on behalf of you.
>
> We *deliberately* lack a mechanism to pay attention to in-tree config that
> gets propagated to those who get them via "git clone", exactly because
> otherwise your upstream may not just specify a "smudge" program that your
> platform would be unable to run, but can specify a "smudge" program that
> pretends to be a smudger, but is actually a program that installs a keylogger
> and posts your login password and bank details to this mailing list ;-)
>
> So, no, I do not think in-tree configuration will fly.
I agree, which is why I asked the original question instead of posting it as a formal patch. We would probably get a brand new CVE implementing the proposed proto-changes even if the original intent was internal trusted repositories only. That's why I asked this as a "Best Practices" type question, which I think I have a better idea on now. The actual situation is rather cool from a DevOps point of view, and whatever the ultimate solution is, might make for a nice presentation at some future conference 😉.
Cheers and thanks,
Randall
prev parent reply other threads:[~2018-05-11 19:25 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-09 22:08 [Best Practices Request] clean/smudge configuration Randall S. Becker
2018-05-09 22:39 ` Bryan Turner
2018-05-09 22:57 ` Randall S. Becker
2018-05-10 19:59 ` Randall S. Becker
2018-05-11 2:27 ` Junio C Hamano
2018-05-11 19:25 ` Randall S. Becker [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='001601d3e95d$d76272a0$862757e0$@nexbridge.com' \
--to=rsbecker@nexbridge.com \
--cc=bturner@atlassian.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).