git@vger.kernel.org mailing list mirror (one of many)
From: Junio C Hamano <gitster@pobox.com>
To: Bert Wesarg <bert.wesarg@googlemail.com>
Cc: git@vger.kernel.org, Denton Liu <liu.denton@gmail.com>
Subject: Re: [PATCH v2 1/2] format-patch: create leading components of output directory
Date: Sun, 06 Oct 2019 09:57:53 +0900
Message-ID: <xmqqa7ae667i.fsf@gitster-ct.c.googlers.com>
In-Reply-To: <2b8b000d76a20349f1f9e09260eff91429beebfb.1570264824.git.bert.wesarg@googlemail.com> (Bert Wesarg's message of "Sat, 5 Oct 2019 10:43:51 +0200")

Bert Wesarg <bert.wesarg@googlemail.com> writes:

> +		switch (safe_create_leading_directories_const(output_directory)) {
> +		case SCLD_OK:
> +		case SCLD_EXISTS:
> +			break;
> +		default:
> +			die(_("could not create leading directories "
> +			      "of '%s'"), output_directory);
> +		}
>  		if (mkdir(output_directory, 0777) < 0 && errno != EEXIST)
>  			die_errno(_("could not create directory '%s'"),
>  				  output_directory);
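
Review bot: the default branch of the new switch reports every failure of safe_create_leading_directories_const() with plain die(), while the mkdir() error path just below it uses die_errno(), so the user gets no reason why the leading components could not be created. Consider reporting the cause there, or mapping the helper's return codes to distinct messages. Also, the leading components are created by the helper with no mode argument while the final component is created by mkdir(..., 0777); the commit message should state which permission policy the intermediate directories are meant to follow.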

There is a slight discrepancy here in that mkdir(..., 0777) is to
honor the umask setting of the user who is running the command and
does not care about anybody else being able to (or unable to) access
the resulting directory.  On the other hand, s-c-l-d is (as you can
guess from the location the function is defined, sha1-file.c) meant
to be used to create hierarchy _inside_ $GIT_DIR/ in such a way that
anybody who needs to access the repository can access it (via
core.sharedrepository config).

I do not think it matters too much in practice, but

	$ git format-patch -o $HOME/my/patch/depot

that creates intermediate levels that can be writable by other
users, only because the repository you took the patches from was
shared with other users, may probably be seen as a security bug.
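
The discrepancy described above, as an added example that is not part of the original message and not git's code: `mkdir_p_audit()` and `demo()` are hypothetical names, the `/tmp/fp-demo-*` tree is constructed, and the group-shared policy is only simulated with `chmod()`. It creates each level with `mkdir(..., 0777)` so the umask alone decides the mode, and counts levels that end up looser than the umask allows.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not git's: create each missing level of path past the
 * first `skip` bytes with mkdir(0777). A nonzero `force` is chmod()ed onto new
 * levels to simulate a group-shared policy. Returns how many levels carry
 * permission bits that the umask `mask` forbids, or -1 on error. */
int mkdir_p_audit(char *path, size_t skip, mode_t force, mode_t mask)
{
	struct stat st;
	int loose = 0, bad = skip >= strlen(path);
	for (size_t i = skip + 1; !bad; i++) {
		char saved = path[i];
		if (saved && saved != '/')
			continue;
		if (path[i - 1] != '/') {	/* skip empty components */
			path[i] = '\0';
			/* new level: apply the simulated policy; else it must exist */
			bad = !mkdir(path, 0777) ? (force && chmod(path, force) < 0)
						 : (errno != EEXIST);
			bad = bad || stat(path, &st) < 0 || !S_ISDIR(st.st_mode);
			loose += !bad && (st.st_mode & 0777 & mask);
			path[i] = saved;
		}
		if (!saved)
			break;
	}
	return bad ? -1 : loose;
}

/* Constructed scenario: <tmpdir>/my/patch/depot created under umask 022. */
int demo(mode_t force)
{
	char path[64] = "/tmp/fp-demo-XXXXXX";
	size_t skip = strlen(path);
	int loose = -1;
	mode_t old = umask(022);
	if (mkdtemp(path)) {
		loose = mkdir_p_audit(strcat(path, "/my/patch/depot"), skip, force, 022);
		for (; strlen(path) >= skip; *strrchr(path, '/') = '\0')
			rmdir(path);	/* remove depot, patch, my, then the temp dir */
	}
	umask(old);
	return loose;
}
```

With `force` set to 0 every level comes out as 0755 and the count is 0; with `force` set to 0775 all three new levels are group-writable despite the 022 umask.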
