diff options
author | Joey Hess <joeyh@joeyh.name> | 2017-04-26 13:07:00 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2017-04-26 13:07:00 -0400 |
commit | c32e669ce39af27e5ae98dafe1d8d4295700ac45 (patch) | |
tree | d016fd3ab088a8724ba9ea00e854851c63735b4c | |
parent | f7f3273db89e7d8402178bf7e8736325c7c11370 (diff) | |
parent | 0034508eb8543bcb84a7eee9204071d75b4d3743 (diff) |
Merge branch 'master' of ssh://git-annex.branchable.com
-rw-r--r-- | doc/forum/Malicious_autoenabled_remotes.mdwn | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/forum/Malicious_autoenabled_remotes.mdwn b/doc/forum/Malicious_autoenabled_remotes.mdwn new file mode 100644 index 000000000..7e48e5d50 --- /dev/null +++ b/doc/forum/Malicious_autoenabled_remotes.mdwn @@ -0,0 +1,9 @@ +I've been trying to figure out whether git-annex can be used to make a user unknowingly download data from a malicious source. The general question here is, assuming a git/git-annex server that I can fully trust to be safe and secure (let's call it `trustedserver`): + +*Is it possible, when performing (for example) `git clone git@trustedserver:user/repo && cd repo && git annex init` for annex to set up and enable a remote that is **not** on `trustedserver`?* + +I'm trying to imagine a scenario where someone with access to the repository (a person who I share files with) can set up a remote to a different server (e.g., `badremote`), set it to `autoenable=true`, and sync changes. Would this enable the other user to put files on `badremote` that are not on `trustedserver` but are tracked by annex? More importantly, if this happens and I perform a `git clone` → `git annex init` → `git annex sync --content`, would I be downloading files from `badremote` without specifically enabling it? + + +Thanks, +Achilleas |