Thread (35 messages) 35 messages, 5 authors, 2019-01-17

Re: [PATCH 2/2] submodule: munge paths to submodule git directories

From: Jonathan Nieder <hidden>
Date: 2018-08-14 21:12:16

Hi,

Stefan Beller wrote:
On Tue, Aug 14, 2018 at 11:57 AM Jonathan Nieder [off-list ref] wrote:
quoted
Second, what if we store the pathname in config?  We already store the
URL there:

        [submodule "plugins/hooks"]
                url = https://gerrit.googlesource.com/plugins/hooks

So we could (as a followup patch) do something like

        [submodule "plugins/hooks"]
                url = https://gerrit.googlesource.com/plugins/hooks
                gitdirname = plugins%2fhooks

and use that for lookups instead of regenerating the directory name.
What do you think?
As I just looked at worktree code, this sounds intriguing for the wrong
reason (again), as a user may want to point the gitdirname to a repository
that they have already on disk outside the actual superproject. They
would be reinventing worktrees in the submodule space. ;-)

This would open up the security hole that we just had, again.
So we'd have to make sure that the gitdirname (instead of the
now meaningless subsection name) is proof to ../ attacks.

I feel uneasy about this as then the user might come in
and move submodules and repoint the gitdirname...
to a not url encoded path. Exposing this knob just
asks for trouble, no?
What if we forbid directory separator characters in the gitdirname?

[...]
What would happen if gitdirname is changed as part of
history? (The same problem we have now with changing
the subsection name)
In this proposal, it would only be read from config, not from
.gitmodules.

Thanks,
Jonathan
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help