Re: Shared repositories no longer securable against privilege escalation
- Date: Fri, 17 Mar 2017 11:24:12 -0700
- From: Junio C Hamano <gitster@xxxxxxxxx>
- Subject: Re: Shared repositories no longer securable against privilege escalation
Michael Haggerty <mhagger@xxxxxxxxxxxx> writes:
> The locking was added intentionally, to ensure that the reflog for
> `HEAD` is written safely. But the code didn't do that prior to the
> commit that you referenced, so (as a special case) ignoring failures to
> lock `HEAD` due to insufficient permission is probably a reasonable
> I think the special case could be restricted even further to when `HEAD`
> has the `REF_LOG_ONLY` flag in the reference transaction. I don't think
> that `HEAD` would ever show up in a transaction solely to verify its old
> value in a typical server scenario, but if so, that situation could be
> special cased too.
I find both of these acceptably good changes.