This patch makes sure that variables from the environment cannot
override e.g. the Git directory to operate on, as well as other critical
parts of Git operations. These variables are:
- GIT_DIR
- GIT_WORK_TREE
- GIT_NAMESPACE
- GIT_INDEX_FILE
- GIT_INDEX_VERSION
- GIT_OBJECT_DIRECTORY
GIT_CEILING_DIRECTORIES
Just noticed that password-store already overrides this anyway…
--
@martinkrafft | https://riot.im/app/#/room/#madduck:madduck.net
whatever you do will be insignificant,
but it is very important that you do it.
--
Quoting "Amir Yalon", who wrote on 2019-08-13 at 23:09 Uhr +0300:
+unset GIT_DIR GIT_WORK_TREE GIT_NAMESPACE GIT_INDEX_FILE GIT_OBJECT_DIRECTORY
The list might not be comprehensive;
No, it's not, but I did consider the others ones:
GIT_INDEX_FILE
Included.
GIT_INDEX_VERSION
I was
Hi,
On Tue, Aug 13, 2019, at 12:54, martin f. krafft wrote:
>
> +unset GIT_DIR GIT_WORK_TREE GIT_NAMESPACE GIT_INDEX_FILE GIT_OBJECT_DIRECTORY
> +
The list might not be comprehensive; the following appear in the man page for
my local installation of git (version 2.20.1) in the first group
This patch makes sure that variables from the environment cannot
override e.g. the Git directory to operate on. Without it, in a setting
where GIT_DIR is set, pass would otherwise commit generated password
files to the wrong repository.
I caught this, because fortunately the other repository had