| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | improve temp dir security | Joey Hess | 2015-12-15 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | http://bugs.debian.org/807341 * Fix insecure temporary permissions. Repair clones the git repository to a temp directory which is made using the user's umask. Thus, it might expose a git repo that is otherwise locked down. * Fix potential denial of service attack when creating temp dirs. Since withTmpDir used easily predictable temporary directory names, an attacker could create foo.0, foo.1, etc and as long as it managed to keep ahead of it, could prevent it from ever returning. I'd rate this as a low utility DOS attack. Most attackers in a position to do this could just fill up the disk /tmp is on to prevent anything from writing temp files. And few parts of git-annex use withTmpDir anyway, so DOS potential is quite low. Examined all callers of withTmpDir and satisfied myself that switching to mkdtmp and so getting a mode 700 temp dir wouldn't break any of them. | ||
| * | Merge from git-annex. | Joey Hess | 2015-04-29 |
| | | |||
| * | Merge from git-annex. | Joey Hess | 2015-01-06 |
| | | |||
| * | Merge from git-annex. | Joey Hess | 2014-10-12 |
| | | | | | Includes changing to new exceptions library, and some whitespace fixes. | ||
| * | Merge from git-annex. | Joey Hess | 2014-07-21 |
| | | |||
| * | merge from git-annex | Joey Hess | 2014-02-24 |
| | | |||
| * | merge from git-annex | Joey Hess | 2014-01-13 |
| | | |||
| * | urgle | Joey Hess | 2013-11-21 |
| | | |||
| * | clean up | Joey Hess | 2013-11-21 |
| | | |||
| * | urgle | Joey Hess | 2013-11-20 |
| | | |||
| * | try to recover even if git fsck cannot be coaxed to tell us any bad objects | Joey Hess | 2013-11-20 |
| | | | | | | | | Sometimes git fsck outputs no shas even with --verbose, but fails, due to badly corrupt objects. The best thing to do in this situation is to try to pull and rsync from remotes, hoping that the bad objects will be overwritten. | ||
| * | oops | Joey Hess | 2013-11-20 |
| | | |||
| * | merge from git-annex | Joey Hess | 2013-11-20 |
| | | |||
| * | whoops | Joey Hess | 2013-11-19 |
| | | |||
| * | retrying | Joey Hess | 2013-11-19 |
| | | |||
| * | copied from git-annex | Joey Hess | 2013-11-18 |
 |
index : git-repair | |
| [no description] | git repository hosting |
| summaryrefslogtreecommitdiff |