Hi, On Tue, Oct 3, 2017 at 1:45 AM, Jonathan Nieder <jrnie...@gmail.com> wrote:
> Proposed fix: because of case (1), I would like a way to tell Git to > stop trusting any files in .git. That is: > > 1. Introduce a (configurable) list of "safe" configuration items that > can be set in .git/config and don't respect any others. Maybe we can already add a --list-security or --check-security or --unsafe to `git config` to list the unsafe options and their values as well as the active hooks, so that admins/users can already easily take a quick look at the config before they start playing with a potentially unsafe repo.
