Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | improve temp dir security | Joey Hess | 2015-12-15 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | http://bugs.debian.org/807341 * Fix insecure temporary permissions when git-annex repair is used in in a corrupted git repository. Other calls to withTmpDir didn't leak any potentially private data, but repair clones the git repository to a temp directory which is made using the user's umask. Thus, it might expose a git repo that is otherwise locked down. * Fix potential denial of service attack when creating temp dirs. Since withTmpDir used easily predictable temporary directory names, an attacker could create foo.0, foo.1, etc and as long as it managed to keep ahead of it, could prevent it from ever returning. I'd rate this as a low utility DOS attack. Most attackers in a position to do this could just fill up the disk /tmp is on to prevent anything from writing temp files. And few parts of git-annex use withTmpDir anyway, so DOS potential is quite low. Examined all callers of withTmpDir and satisfied myself that switching to mkdtmp and so getting a mode 700 temp dir wouldn't break any of them. Note that withTmpDirIn continues to not force temp dir to 700. But it's only used for temp directories inside .git/annex/wherever/ so that is not a problem. Also re-audited all other uses of temp files and dirs in git-annex. | ||
* | Debian: Build depend on concurrent-output. | Joey Hess | 2015-12-12 |
| | | | | In unstable now. | ||
* | 2 more data -> 2 more days | http://www.ryantm.com/ | 2015-12-11 |
| | |||
* | devblog | Joey Hess | 2015-12-11 |
| | |||
* | fsck: Failed to honor annex.diskreserve when checking a remote. | Joey Hess | 2015-12-11 |
| | |||
* | Merge branch 'master' of ssh://git-annex.branchable.com | Joey Hess | 2015-12-11 |
|\ | |||
* | | webdav: When testing the WebDAV server, send a file with content. The empty ↵ | Joey Hess | 2015-12-11 |
| | | | | | | | | file it was sending tickled bugs in some php WebDAV server. | ||
* | | comment | Joey Hess | 2015-12-11 |
| | | |||
* | | comment | Joey Hess | 2015-12-11 |
| | | |||
* | | comment | Joey Hess | 2015-12-11 |
| | | |||
* | | add Blackblaze B2 extranal special remote to the list | Joey Hess | 2015-12-11 |
| | | |||
* | | comment | Joey Hess | 2015-12-11 |
| | | |||
* | | clean up | Joey Hess | 2015-12-11 |
| | | |||
| * | Added a comment | yminus | 2015-12-10 |
| | | |||
| * | Added a comment | http://joeyh.name/ | 2015-12-10 |
| | | |||
* | | comment | Joey Hess | 2015-12-10 |
| | | |||
| * | Added a comment: Complete removal | fbicknel@01ede624a1a56b3998b823e9b60da0ff81cccb16 | 2015-12-10 |
| | | |||
* | | Add S3 features to git-annex version output. | Joey Hess | 2015-12-10 |
|/ | |||
* | comment | Joey Hess | 2015-12-10 |
| | |||
* | response | Joey Hess | 2015-12-10 |
| | |||
* | response | Joey Hess | 2015-12-10 |
| | |||
* | Added a comment: The downside | https://openid.stackexchange.com/user/27ceb3c5-0762-42b8-8f8a-ed21c284748f | 2015-12-10 |
| | |||
* | (no commit message) | https://openid.stackexchange.com/user/3ee5cf54-f022-4a71-8666-3c2b5ee231dd | 2015-12-09 |
| | |||
* | Merge branch 'master' of ssh://git-annex.branchable.com | Joey Hess | 2015-12-09 |
|\ | |||
* | | devblog | Joey Hess | 2015-12-09 |
| | | |||
| * | Added a comment | openmedi | 2015-12-09 |
| | | |||
| * | Added a comment: anyone saw/worked on backend for watchdox service? (not ↵ | https://me.yahoo.com/a/EbvxpTI_xP9Aod7Mg4cwGhgjrCrdM5s-#7c0f4 | 2015-12-08 |
|/ | | | | free one but needed :-/) | ||
* | add news item for git-annex 5.20151208 | Joey Hess | 2015-12-08 |
| | |||
* | prep release5.20151208 | Joey Hess | 2015-12-08 |
| | |||
* | response | Joey Hess | 2015-12-08 |
| | |||
* | Added a comment: Problems initializing glacier remote | ben | 2015-12-08 |
| | |||
* | I started using a repo on S3, so that partially answered my question about ↵ | wsha.code+ga@b38779424f41c5701bbe5937340be43ff1474b2d | 2015-12-08 |
| | | | | how files are stored on S3. | ||
* | Added a comment | wsha.code+ga@b38779424f41c5701bbe5937340be43ff1474b2d | 2015-12-08 |
| | |||
* | Added a comment: How to view configuration of special remotes? | cantora@432fae6be728a32ac472387df86a8922f059d4a6 | 2015-12-08 |
| | |||
* | Merge branch 'master' of ssh://git-annex.branchable.com | Joey Hess | 2015-12-07 |
|\ | |||
* | | devblog | Joey Hess | 2015-12-07 |
| | | |||
| * | Added a comment | sts | 2015-12-07 |
|/ | |||
* | Merge branch 'master' of ssh://git-annex.branchable.com | Joey Hess | 2015-12-06 |
|\ | |||
* | | fix temp filename | Joey Hess | 2015-12-06 |
| | | | | | | | | | | | | | | Was not putting it inside the temp dir, but next to it! This was just wrong, and it led to a longer filename that desired being used, leading to some bug reports. | ||
* | | avoid too long temp dir template | Joey Hess | 2015-12-06 |
| | | | | | | | | | | The filename might be at or close to the filename length limit, so using it as the template for the temp dir would then fail. | ||
* | | cleanup | Joey Hess | 2015-12-06 |
| | | |||
* | | avoid looping trying to make temp dir when the name is too long | Joey Hess | 2015-12-06 |
| | | | | | | | | | | Only loop when directory creation fails due to the directory existing already. | ||
| * | Added a comment | torpidus | 2015-12-06 |
| | | |||
* | | generalize catchHardwareFault to catchIOErrorType | Joey Hess | 2015-12-06 |
|/ | |||
* | (no commit message) | torpidus | 2015-12-06 |
| | |||
* | Fix broken link to other bug | samuel.hym+bugs@a85e9c44dc6369ad6b12e8e6a3896ad34f7df4a3 | 2015-12-06 |
| | |||
* | Report bug due to broken createSymbolicLink | samuel.hym+bugs@a85e9c44dc6369ad6b12e8e6a3896ad34f7df4a3 | 2015-12-06 |
| | |||
* | m | spwhitton | 2015-12-05 |
| | |||
* | Copy hints for Emacs users from propellor coding style page | spwhitton | 2015-12-05 |
| | |||
* | (no commit message) | a@b34f238966e58f7c2ea550cc4cab3005c0e33150 | 2015-12-05 |
| |