author | Eric Wong <normalperson@yhbt.net> | 2014-05-06 00:17:14 +0000 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2014-05-06 12:23:58 -0700 |
commit | daa22c6f8da466bd7a438f1bc27375fd737ffcf3 (patch) | |
tree | dc6e1dcb229c908bdd71bbfed713fb6e06b4df17 | |
parent | 0bc85abb7aa9b24b093253018801a0fb43d01122 (diff) | |
download | git-daa22c6f8da466bd7a438f1bc27375fd737ffcf3.tar.gz git-daa22c6f8da466bd7a438f1bc27375fd737ffcf3.tar.xz |
config: preserve config file permissions on edits
Users may already store sensitive data such as imap.pass in
.git/config; making the file world-readable when "git config"
is called to edit means their password would be compromised
on a shared system.
[v2: updated for section renames, as noted by Junio]
Signed-off-by: Eric Wong <normalperson@yhbt.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r-- | config.c | 16 | ||||
-rwxr-xr-x | t/t1300-repo-config.sh | 10 |
2 files changed, 26 insertions, 0 deletions
@@ -1634,6 +1634,13 @@ int git_config_set_multivar_in_file(const char *config_filename,
 MAP_PRIVATE, in_fd, 0);
 close(in_fd);
 
+ if (fchmod(fd, st.st_mode & 07777) < 0) {
+ error("fchmod on %s failed: %s",
+ lock->filename, strerror(errno));
+ ret = CONFIG_NO_WRITE;
+ goto out_free;
+ }
+
 if (store.seen == 0)
 store.seen = 1;
 
@@ -1782,6 +1789,7 @@ int git_config_rename_section_in_file(const char *config_filename,
 int out_fd;
 char buf[1024];
 FILE *config_file;
+ struct stat st;
 
 if (new_name && !section_name_is_ok(new_name)) {
 ret = error("invalid section name: %s", new_name);
@@ -1803,6 +1811,14 @@ int git_config_rename_section_in_file(const char *config_filename,
 goto unlock_and_out;
 }
 
+ fstat(fileno(config_file), &st);
+
+ if (fchmod(out_fd, st.st_mode & 07777) < 0) {
+ ret = error("fchmod on %s failed: %s",
+ lock->filename, strerror(errno));
+ goto out;
+ }
+
 while (fgets(buf, sizeof(buf), config_file)) {
 int i;
 int length;
diff --git a/t/t1300-repo-config.sh b/t/t1300-repo-config.sh
index 967359344..ba41bc93e 100755
--- a/t/t1300-repo-config.sh
+++ b/t/t1300-repo-config.sh
@@ -1154,4 +1154,14 @@ test_expect_failure 'adding a key into an empty section reuses header' '
 test_cmp expect .git/config
 '
 
+test_expect_success POSIXPERM,PERL 'preserves existing permissions' '
+ chmod 0600 .git/config &&
+ git config imap.pass Hunter2 &&
+ perl -e \
+ "die q(badset) if ((stat(q(.git/config)))[2] & 07777) != 0600" &&
+ git config --rename-section imap pop &&
+ perl -e \
+ "die q(badrename) if ((stat(q(.git/config)))[2] & 07777) != 0600"
+'
+
 test_done |
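Review bot: The new `goto out_free` in git_config_set_multivar_in_file is taken after the mapping whose tail is visible in the context (`MAP_PRIVATE, in_fd, 0);`), so this error path appears to leave the mapping in place unless `out_free` unmaps it. That label, and the start of the function, are outside the hunk, so this needs confirming against the full file. Separately, the placement of the fchmod ahead of any write to the lock file is what keeps sensitive values from ever sitting in a more permissive file, and that ordering deserves a comment such as `/* match the lock file's mode to the existing config before anything is written to it */`.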
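Review bot: The added `fstat(fileno(config_file), &st);` in git_config_rename_section_in_file ignores its return value, so a failed fstat leaves `st.st_mode` indeterminate and the following fchmod would apply an arbitrary mode to the lock file. That mode could be more permissive than the original, which is the exposure this commit sets out to prevent. Guard the call with `if (fstat(fileno(config_file), &st) < 0) {` and report and bail out the same way the fchmod failure does. The fchmod failure path jumps to `out` while the context just above uses `unlock_and_out`; both labels are outside the hunk, so it is worth confirming that `out` closes `config_file`, which is already open at that point.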