CI to automate build of cargo lockfiles on different Alpine releases for git-annex aports https://gitlab.alpinelinux.org/alpine/aports/-/tree/master/community/git-annex
Joey Hess 96dd0f4ebe
improve temp dir security
http://bugs.debian.org/807341

* Fix insecure temporary permissions when git-annex repair is used in
  a corrupted git repository.

  Other calls to withTmpDir didn't leak any potentially private data,
  but repair clones the git repository to a temp directory which is made
  using the user's umask. Thus, it might expose a git repo that is
  otherwise locked down.

* Fix potential denial of service attack when creating temp dirs.

  Since withTmpDir used easily predictable temporary directory names,
  an attacker could create foo.0, foo.1, etc and as long as it managed to
  keep ahead of it, could prevent it from ever returning.

  I'd rate this as a low utility DOS attack. Most attackers in a position
  to do this could just fill up the disk /tmp is on to prevent anything
  from writing temp files. And few parts of git-annex use withTmpDir
  anyway, so DOS potential is quite low.

Examined all callers of withTmpDir and satisfied myself that
switching to mkdtemp and so getting a mode 700 temp dir wouldn't break any
of them.

Note that withTmpDirIn continues to not force temp dir to 700.
But it's only used for temp directories inside .git/annex/wherever/
so that is not a problem.

Also re-audited all other uses of temp files and dirs in git-annex.
2015-12-15 20:21:48 -04:00
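
The two temp-directory patterns the commit message contrasts, as an added C example that is not git-annex's own (Haskell) code: counter-suffixed names created under the caller's umask, next to mkdtemp(3). The function names, the `max_tries` bound and the `/tmp/tmpdir-demo` path are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700   /* exposes mkdtemp(3) */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pre-fix pattern described in the commit message: try base.0, base.1, ...
 * The mode given to mkdir() is filtered by the caller's umask.
 * max_tries is an assumption added so the demo terminates; the commit
 * describes a search that never returns while the names stay taken.
 * Returns 0 and fills `out` on success, -1 if no name could be created. */
int tmpdir_predictable(const char *base, int max_tries, char *out, size_t outlen)
{
    for (int n = 0; n < max_tries; n++) {
        snprintf(out, outlen, "%s.%d", base, n);
        if (mkdir(out, 0777) == 0)
            return 0;
        if (errno != EEXIST)
            return -1;          /* real error, not a name collision */
    }
    return -1;                  /* every guessable name already existed */
}

/* Post-fix pattern: mkdtemp() fills in an unpredictable suffix and requests
 * mode 0700, so the result is never wider than owner-only.
 * `tmpl` must be writable and end in "XXXXXX". Returns 0 on success. */
int tmpdir_mkdtemp(char *tmpl)
{
    return mkdtemp(tmpl) != NULL ? 0 : -1;
}

/* Permission bits of a path, or -1 on error. */
int dir_mode(const char *path)
{
    struct stat st;
    return stat(path, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
}

int main(void)
{
    char sandbox[] = "/tmp/tmpdir-demo.XXXXXX", base[256], out[300];
    umask(022);                                   /* a common default umask */
    if (tmpdir_mkdtemp(sandbox) != 0) return 1;
    snprintf(base, sizeof base, "%s/repair", sandbox);
    if (tmpdir_predictable(base, 8, out, sizeof out) != 0) return 1;
    printf("%04o %s\n%04o %s\n", dir_mode(out), out, dir_mode(sandbox), sandbox);
    rmdir(out); rmdir(sandbox);
    return 0;
}
```
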
Annex fsck: Failed to honor annex.diskreserve when checking a remote. 2015-12-11 13:50:27 -04:00
Assistant generalize catchHardwareFault to catchIOErrorType 2015-12-06 16:26:38 -04:00
Backend generalize catchHardwareFault to catchIOErrorType 2015-12-06 16:26:38 -04:00
Build got logic backwards.. 2015-11-03 10:51:21 -04:00
CmdLine increase number of capabilities to match -Jn setting 2015-11-05 19:57:41 -04:00
Command fsck: Failed to honor annex.diskreserve when checking a remote. 2015-12-11 13:50:27 -04:00
Common Use lower case hash directories for storing files on crippled filesystems, same as is already done for bare repositories. 2013-04-04 15:46:33 -04:00
Config webapp: Fix bugs that could result in a relative path such as "." being written to ~/.config/git-annex/autostart 2015-12-02 15:57:30 -04:00
Database avoid ugly error about MVar if the sqlite worker thread crashes 2015-10-12 13:00:22 -04:00
debian improve temp dir security 2015-12-15 20:21:48 -04:00
doc 2 more data -> 2 more days 2015-12-11 21:04:54 +00:00
Git fix use of hifalutin terminology 2015-11-16 14:37:31 -04:00
Limit update my email address and homepage url 2015-01-21 12:50:09 -04:00
Logs fix use of hifalutin terminology 2015-11-16 14:37:31 -04:00
Messages avoid spawning file size polling thread when not in -J mode 2015-11-16 21:21:58 -04:00
Remote webdav: When testing the WebDAV server, send a file with content. The empty file it was sending tickled bugs in some php WebDAV server. 2015-12-11 12:13:20 -04:00
RemoteDaemon rename bothHandles -> ioHandles 2015-04-03 15:35:18 -04:00
standalone Make the git-annex-standalone.deb prevent runshell from installing wrappers into $HOME/.ssh 2015-11-10 12:53:46 -04:00
static Revert "remove newlines from static js and css" 2014-06-13 02:20:39 -04:00
templates webapp: Remove the "disable remote" feature from the UI. 2015-09-21 13:05:44 -04:00
Types fix use of hifalutin terminology 2015-11-16 14:37:31 -04:00
Upgrade add import 2015-04-03 15:35:32 -04:00
Utility improve temp dir security 2015-12-15 20:21:48 -04:00
.ghci workaround for ghci fragility in reusing objects compiled with ghc 2012-10-20 16:20:42 -04:00
.gitattributes decruft 2011-06-22 18:56:08 -04:00
.gitignore cleanup makefile 2015-07-23 12:51:27 -04:00
.mailmap alias for Yaroslav @ yahoo to mailmap 2015-09-09 12:38:59 -04:00
Annex.hs arrange for regional output manager to run when -J is enabled 2015-11-04 16:22:43 -04:00
Assistant.hs unused import on windows 2015-04-20 11:27:47 -04:00
Backend.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00
bash-completion.bash fix bash completion of filenames containing spaces 2015-07-20 11:17:35 -04:00
build.bat let build.bat also be run from cygwin terminal 2015-04-21 14:12:14 -04:00
BuildFlags.hs Add S3 features to git-annex version output. 2015-12-10 11:42:49 -04:00
CHANGELOG symlinks 2010-10-27 15:14:59 -04:00
Checks.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00
CmdLine.hs arrange for regional output manager to run when -J is enabled 2015-11-04 16:22:43 -04:00
Command.hs join back threads before ending concurrent output so display works 2015-11-05 17:23:26 -04:00
Common.hs import Data.Default in Common 2015-01-28 16:11:28 -04:00
Config.hs refactor 2015-08-17 11:21:13 -04:00
configure.hs Rewrote free disk space checking code 2012-03-22 17:32:47 -04:00
COPYRIGHT Add link COPYRIGHT -> debian/copyright; add COPYRIGHT to sdist. 2012-06-11 23:27:00 -07:00
Creds.hs support gpg.program 2015-09-09 18:06:49 -04:00
Crypto.hs support gpg.program 2015-09-09 18:06:49 -04:00
ghci brought back fast ghci 2013-02-27 21:38:01 -04:00
git-annex.cabal prep release 2015-12-08 11:14:28 -04:00
git-annex.hs wire tasty's option parser into the main program option parser 2015-07-13 13:20:10 -04:00
git-union-merge.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00
Git.hs removed all uses of undefined from code base 2015-04-19 00:38:29 -04:00
INSTALL symlinks 2010-10-27 15:14:59 -04:00
Limit.hs Improve shutdown due to --time-limit, especially for fsck 2015-07-31 16:01:54 -04:00
Locations.hs fix use of hifalutin terminology 2015-11-16 14:37:31 -04:00
Logs.hs rethought distributed fsck; instead add activity.log and expire command 2015-04-05 12:50:02 -04:00
Makefile Build with -j1 again to get reproducible build. 2015-11-16 16:51:24 -04:00
Messages.hs display a message in the unlikely scenario of fsking a dead repository 2015-11-10 14:44:58 -04:00
NEWS update NEWS 2012-01-19 15:27:39 -04:00
README use https 2014-11-06 14:20:10 -04:00
Remote.hs enableremote: List uuids and descriptions of remotes that can be enabled, and accept either the uuid or the description in lieu of the name. 2015-10-26 14:55:40 -04:00
Setup.hs improve warning 2015-11-03 11:06:33 -04:00
stack.yaml enable ConcurrentOutput flag for stack 2015-11-06 15:26:12 -04:00
Test.hs reorg quickcheck to a separate module 2015-11-17 15:49:22 -04:00
Types.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00
Upgrade.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00

git-annex allows managing files with git, without checking the file
contents into git. While that may seem paradoxical, it is useful when
dealing with files larger than git can currently easily handle, whether due
to limitations in memory, checksumming time, or disk space.

For documentation, see doc/ or <https://git-annex.branchable.com/>