set safe.directory when getting config for git-annex-shell or git remotes
Fix more breakage caused by git's fix for CVE-2022-24765, this time involving a remote (either local or ssh) that is a repository not owned by the current user. Sponsored-by: Dartmouth College's DANDI project
This commit is contained in:
Joey Hess
parent
32cb2bd3fa
commit
cbfd214993
10 changed files with 75 additions and 4 deletions
|
|
@ -339,7 +339,12 @@ tryGitConfigRead autoinit r hasuuid
|
|||
warning $ UnquotedString $ "Remote " ++ Git.repoDescribe r ++
|
||||
": " ++ show e
|
||||
Annex.getState Annex.repo
|
||||
s <- newLocal r
|
||||
{- Since the path to the repository was specified
|
||||
- explicitly, CVE-2022-24765 is not a concern,
|
||||
- so tell git to treat the repository directory as safe.
|
||||
-}
|
||||
let r' = r { Git.safeDirectory = True }
|
||||
s <- newLocal r'
|
||||
liftIO $ Annex.eval s $ check
|
||||
`finally` quiesce True
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue