summaryrefslogtreecommitdiff
path: root/src/commit_list.c
diff options
context:
space:
mode:
authorJohannes Schindelin <johannes.schindelin@gmx.de>2019-06-19 12:59:27 +0200
committerEdward Thomson <ethomson@edwardthomson.com>2019-08-13 17:56:06 +0100
commitcb1439c9d32c059ee93216637a6d155306f76ab3 (patch)
tree76f15274fb66652dba8d29f5aad0c6c456b84e56 /src/commit_list.c
parent5774b2b13468aa3c2e7e604dd348357f6842c56a (diff)
downloadlibgit2-cb1439c9d32c059ee93216637a6d155306f76ab3.tar.gz
config: validate ownership of C:\ProgramData\Git\config before using it
When the VirtualStore feature is in effect, it is safe to let random users write into C:\ProgramData because other users won't see those files. This seemed to be the case when we introduced support for C:\ProgramData\Git\config. However, when that feature is not in effect (which seems to be the case in newer Windows 10 versions), we'd rather not use those files unless they come from a trusted source, such as an administrator. This change imitates the strategy chosen by PowerShell's native OpenSSH port to Windows regarding host key files: if a system file is owned neither by an administrator, a system account, or the current user, it is ignored.
Diffstat (limited to 'src/commit_list.c')
0 files changed, 0 insertions, 0 deletions