On Tue, Aug 16, 2016 at 05:37:35PM +0200, Johannes Schindelin wrote: > > Hrm. I am not sure I agree. At GitHub, for instance, we turn on > > core.protectNTFS for all repositories because we do want to be a vector > > for attacks. > > I trust you meant "do *not* want to be a vector for attacks"...
Heh, yes. > Good point. > > What I meant in my curt language was actually not to use core.protectNTFS > per se, but the same code path. That is, I would rather have any such > "cross-platform helping" code in verify_path() rather than > write_index_as_tree(). > > But you are correct, this hypothetical feature (pretty hypothetical, > indeed, at this point) would have to be configured differently than > via core.protectNTFS=true. Ah, OK. Yeah, I don't have any real objection to that. I'm not sure how easy it would be to check verify_path() for an existing commit (say, as part of a pre-commit hook, or a pre-receive, or in a CI test). But if it is not easy, that seems like a problem that can (and should) be fixed separately. -Peff -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
