From 4ca8e95773d3ab3308a142d3e3be5e2e2a564358 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 19 Aug 2022 13:06:38 -0400 Subject: [PATCH] comment --- ..._5b41c061786fd49c75d49aa2cc70bb9f._comment | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 doc/bugs/git-annex-import_imports_outside_of_directory/comment_5_5b41c061786fd49c75d49aa2cc70bb9f._comment diff --git a/doc/bugs/git-annex-import_imports_outside_of_directory/comment_5_5b41c061786fd49c75d49aa2cc70bb9f._comment b/doc/bugs/git-annex-import_imports_outside_of_directory/comment_5_5b41c061786fd49c75d49aa2cc70bb9f._comment new file mode 100644 index 0000000000..b48f19276a --- /dev/null +++ b/doc/bugs/git-annex-import_imports_outside_of_directory/comment_5_5b41c061786fd49c75d49aa2cc70bb9f._comment @@ -0,0 +1,21 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 5""" + date="2022-08-19T17:01:42Z" + content=""" +@skcin I'm very sorry that happened to you. I suppose it's not data loss, +but it sounds like a mess. You should be able to examine `git log` to find +what got imported, and run `git-annex unannex` on it, and then move it back +to the right place. + +Seems like I underestimated the chance this would be a foot bomb. +I now think that git-annex import and the directory special remote should +skip over symlinks. Probably with an informative message to avoid silently +doing nothing in cases where users had been using them intentionally to +follow symlinks. + +Such a check will be race prone, but that is only likely to matter if an +attacker is racing it to replace a file with a symlink, and as I discussed +in previous comments, such an attacker seems like they would be able to +accomplish the same thing with the write permission they must have. +"""]]
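Review bot: The last paragraph of the added comment (the lines starting "+Such a check will be race prone") rests its argument on "previous comments" without saying which ones. This file is comment_5 on the bug page, so naming the earlier comment number or numbers would let a reader follow the reasoning that an attacker who can win the race already needs write permission and gains nothing new from it. It would also help to say that the race is the gap between checking the path for a symlink and reading it, so a later implementer knows what the caveat covers. Separately, the second paragraph proposes that git-annex import and the directory special remote skip symlinks with an informative message, but it does not say whether users who relied on following symlinks intentionally would keep any way to do so; stating that either way would make the proposal easier to act on. The subject line "comment" also gives no hint which bug page the change belongs to.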