Skip to content

git-config: secure access to paths and other values #460

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Jul 18, 2022
Merged

git-config: secure access to paths and other values #460

merged 13 commits into from
Jul 18, 2022

Conversation

Byron
Copy link
Member

@Byron Byron commented Jul 17, 2022
edited
Loading

That way we are able to load untrusted repositories and simply skip configuration that
isn't trusted by the current user, typically the repository-local one.

As each file has a trust-level associated with it, we can use that possibly as well.

Tasks

  • (maintain newline style by what's actually present, or OS dependent)
  • a way to query a path safely using settings from git-sec, it should probably know about the Trust associated with a config file. This is for git-repository which should make it mandatory to access paths that way.

@Byron Byron mentioned this pull request Jul 17, 2022
Closed
24 tasks
Byron added 12 commits July 17, 2022 22:42
@Byron
prepare for passing through newline (#331)
3c06f88
@Byron
fix: maintain newline format depending on what's present or use platf…
f7bd2ca 
…orm default. (#331)

Previously implicit newlines when adding new sections or keys to
sections was always `\n` which isn't correct on windows.

Now the newline style is detected and used according to what's present,
or in the lack of content, defaults to what's correct for the platform.
@Byron
feat: parse::key to parse a remote.origin.url-like key to identif…
91e718f 
…y a value (#331)
@Byron
feat: Repository::config_snapshot() to access configuration values. (
5f9bfa8 
…#331)
@Byron
Debug for config::Snapshot. (#331)
2c21956 
It's a bit special as it works around the release-versions inability
to reproduce itself losslessly. In debug mode, we do load files
withtout loss, making nice debug printing possible.
@Byron
feat: config::Snapshot::trusted_path() to obtain trustworthy paths. (
d5a48b8 
…#331)

We also apply trust-based config query during initialization to assure
we don't use paths which aren't owned by the current user.
@Byron
feat: Source::is_in_repository() to find out if a source is in the …
f5f2d9b 
…repository. (#331)
@Byron
thanks clippy
d9eb34c
@Byron
feat: file::ValueMut::(section|into_section_mut)() to go from value…
fff0884 
… to the owning section. (#331)

This can be useful if the value was obtained using `raw_value_mut()`.
@Byron
Add remaining config access, and an escape hatch. (#331)
81715ff
@Byron
load configuration with trust information, needs cleanup (#331)
d8e41e2
@Byron
refactor (#331)
5723730
@Byron Byron merged commit b420eba into main Jul 18, 2022
@Byron Byron deleted the config-sec-access branch July 18, 2022 13:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Byron