From 732055439b68a3622b5c3337e7327f49c156d40d Mon Sep 17 00:00:00 2001 From: "Kyle J. McKay" Date: Sun, 24 Dec 2017 21:53:43 -0800 Subject: [PATCH] config: do not accept push options Starting with Git v2.10.0, it's possible to pass arbitrary values from the remote client to the server at push time using a new "--push-option" command line option. Girocco does not use these and accepting them only to ignore them serves only to increase the possible malicious actor attack surface. Therefore disable them in the global $chroot/etc/girocco/.gitconfig file to prevent them from being sent. According to the "git help config": > By default, git-receive-pack will advertise the push options > capability to its clients. However, it appears that the implementation actually defaults to not advertising the option unless the config item is explicitly set to a true value. That makes more sense since the server must have custom support to do anything with them. Nevertheless, explicitly setting the config option to false protects against any future change to make the code match the description rather than the other way around. Signed-off-by: Kyle J. McKay --- jailsetup.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/jailsetup.sh b/jailsetup.sh index 87a1948..c484f2e 100755 --- a/jailsetup.sh +++ b/jailsetup.sh @@ -182,6 +182,7 @@ update_config_item core.compression 5 update_config_item transfer.unpackLimit 1 1 update_config_item http.lowSpeedLimit 1 update_config_item http.lowSpeedTime 600 +update_config_item receive.advertisePushOptions false 1 update_config_item receive.maxInputSize "${cfg_max_receive_size:-0}" 1 [ -z "$didchmod" ] || chmod a-w etc/girocco -- 2.11.4.GIT
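Review bot: The added line `update_config_item receive.advertisePushOptions false 1` has no comment in jailsetup.sh explaining why it pins a value that the commit message describes as already the effective default. A short comment above it would keep a later cleanup from dropping it as redundant; it could say that Girocco does not use push options and that the setting guards against the default changing to match the documentation. The trailing `1` argument also appears on the `transfer.unpackLimit` and `receive.maxInputSize` lines but not on the `http.lowSpeedLimit` and `http.lowSpeedTime` lines, and its meaning is not visible in this hunk, so it is worth confirming that it is intended here. Because the setting governs what the server advertises, a check that a push made with `--push-option` is refused would confirm the behaviour the message relies on.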