|
ed24b8ba
|
2022-07-05T23:47:15
|
|
repo: allow users running with sudo to access their repositories
In the ownership checks implemented for CVE-2022-24765, we disallowed
users to access their own repositories when running with `sudo`.
Examine the `SUDO_UID` environment variable and allow users running
with `sudo`. This matches git's behavior.
|
|
|
5bc01a7d
|
2022-07-04T16:01:01
|
|
fs: allow ownership match if user is in admin group
Allow the user ownership to match if the file is owned by the admin
group and the user is in the admin group, even if the current process is
not running as administrator directly.
|
|
|
433f0166
|
2022-07-04T15:20:59
|
|
fs: refactor file ownership checks
Refactor the file ownership checks so that callers can provide discrete
information about the ownership expectations to a single function.
|
|
|
df354ec2
|
2022-07-03T09:07:32
|
|
fs: remove mock naming from change ownership constants
The file ownership concepts can reflect the actual file ownership, they
are not necessarily limited to mocking the interface. Rename them so
that they can be more broadly applicable.
|
|
|
c0b7f88e
|
2022-04-11T17:06:55
|
|
fs_path: mock ownership checks
Provide a mock for file ownership for testability.
|
|
|
bf2620bc
|
2022-04-10T21:29:43
|
|
fs_path: refactor ownership checks into current user and system
Provide individual file ownership checks for both the current user and
the system user, as well as a combined current user and system user
check.
|
|
|
c3b7ace9
|
2021-11-14T16:43:53
|
|
refactor: make util an object library
Instead of simply including the utility files directly, make them a
cmake object library for easy reusability between other projects within
libgit2.
Now the top-level `src` is responsible for platform selection, while the
next-level `libgit2` and `util` configurations are responsible for
identifying what objects they include.
|