summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Added a commentGravatar SamuelTardieu2015-12-17
|
* (no commit message)Gravatar jhannwong@c9c7a67b5632a4bbc0c959cfeb3d340e02f285652015-12-17
|
* (no commit message)Gravatar pete.ward@26c41318616c4cf9601d0431557c1df734ccdb772015-12-16
|
* Merge branch 'master' of ssh://git-annex.branchable.comGravatar Joey Hess2015-12-16
|\
* | devblogGravatar Joey Hess2015-12-16
| |
| * Added a commentGravatar wsha.code+ga@b38779424f41c5701bbe5937340be43ff1474b2d2015-12-16
| |
| * poll vote (My phone (or MP3 player))Gravatar 14.203.223.702015-12-16
|/
* Merge branch 'master' of ssh://git-annex.branchable.comGravatar Joey Hess2015-12-15
|\
* | bring back some deleted functions that git-repair usesGravatar Joey Hess2015-12-15
| |
* | improve temp dir securityGravatar Joey Hess2015-12-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | http://bugs.debian.org/807341 * Fix insecure temporary permissions when git-annex repair is used in in a corrupted git repository. Other calls to withTmpDir didn't leak any potentially private data, but repair clones the git repository to a temp directory which is made using the user's umask. Thus, it might expose a git repo that is otherwise locked down. * Fix potential denial of service attack when creating temp dirs. Since withTmpDir used easily predictable temporary directory names, an attacker could create foo.0, foo.1, etc and as long as it managed to keep ahead of it, could prevent it from ever returning. I'd rate this as a low utility DOS attack. Most attackers in a position to do this could just fill up the disk /tmp is on to prevent anything from writing temp files. And few parts of git-annex use withTmpDir anyway, so DOS potential is quite low. Examined all callers of withTmpDir and satisfied myself that switching to mkdtmp and so getting a mode 700 temp dir wouldn't break any of them. Note that withTmpDirIn continues to not force temp dir to 700. But it's only used for temp directories inside .git/annex/wherever/ so that is not a problem. Also re-audited all other uses of temp files and dirs in git-annex.
| * removedGravatar wsha.code+ga@b38779424f41c5701bbe5937340be43ff1474b2d2015-12-14
| |
| * Added a commentGravatar wsha.code+ga@b38779424f41c5701bbe5937340be43ff1474b2d2015-12-14
| |
| * Added a commentGravatar wsha.code+ga@b38779424f41c5701bbe5937340be43ff1474b2d2015-12-14
| |
| * Added a comment: It workedGravatar https://me.yahoo.com/a/ZF7p46cPmpWtb9zvA8iTitPmiQ--#eb0142015-12-14
| |
| * Added a comment: I'm also having this issueGravatar https://me.yahoo.com/a/ZF7p46cPmpWtb9zvA8iTitPmiQ--#eb0142015-12-14
| |
| * Added a commentGravatar yminus2015-12-13
| |
| * Added a comment: IndeedGravatar scorchgeek2015-12-13
| |
| * Added a commentGravatar basak2015-12-13
| |
| * Added a comment: Repairing ignores disk space issues tooGravatar joakim.hovlandsvag@ad788ffa13d1ccbf03f2c485653900f8baa339502015-12-13
| |
| * (no commit message)Gravatar joakim.hovlandsvag@ad788ffa13d1ccbf03f2c485653900f8baa339502015-12-13
| |
| * create pageGravatar scorchgeek2015-12-12
| |
* | Debian: Build depend on concurrent-output.Gravatar Joey Hess2015-12-12
| | | | | | | | In unstable now.
| * Added a commentGravatar wsha.code+ga@b38779424f41c5701bbe5937340be43ff1474b2d2015-12-12
| |
| * Added a commentGravatar wsha.code+ga@b38779424f41c5701bbe5937340be43ff1474b2d2015-12-12
| |
| * Added a commentGravatar https://openid.stackexchange.com/user/27ceb3c5-0762-42b8-8f8a-ed21c284748f2015-12-11
|/
* 2 more data -> 2 more daysGravatar http://www.ryantm.com/2015-12-11
|
* devblogGravatar Joey Hess2015-12-11
|
* fsck: Failed to honor annex.diskreserve when checking a remote.Gravatar Joey Hess2015-12-11
|
* Merge branch 'master' of ssh://git-annex.branchable.comGravatar Joey Hess2015-12-11
|\
* | webdav: When testing the WebDAV server, send a file with content. The empty ↵Gravatar Joey Hess2015-12-11
| | | | | | | | file it was sending tickled bugs in some php WebDAV server.
* | commentGravatar Joey Hess2015-12-11
| |
* | commentGravatar Joey Hess2015-12-11
| |
* | commentGravatar Joey Hess2015-12-11
| |
* | add Blackblaze B2 extranal special remote to the listGravatar Joey Hess2015-12-11
| |
* | commentGravatar Joey Hess2015-12-11
| |
* | clean upGravatar Joey Hess2015-12-11
| |
| * Added a commentGravatar yminus2015-12-10
| |
| * Added a commentGravatar http://joeyh.name/2015-12-10
| |
* | commentGravatar Joey Hess2015-12-10
| |
| * Added a comment: Complete removalGravatar fbicknel@01ede624a1a56b3998b823e9b60da0ff81cccb162015-12-10
| |
* | Add S3 features to git-annex version output.Gravatar Joey Hess2015-12-10
|/
* commentGravatar Joey Hess2015-12-10
|
* responseGravatar Joey Hess2015-12-10
|
* responseGravatar Joey Hess2015-12-10
|
* Added a comment: The downsideGravatar https://openid.stackexchange.com/user/27ceb3c5-0762-42b8-8f8a-ed21c284748f2015-12-10
|
* (no commit message)Gravatar https://openid.stackexchange.com/user/3ee5cf54-f022-4a71-8666-3c2b5ee231dd2015-12-09
|
* Merge branch 'master' of ssh://git-annex.branchable.comGravatar Joey Hess2015-12-09
|\
* | devblogGravatar Joey Hess2015-12-09
| |
| * Added a commentGravatar openmedi2015-12-09
| |
| * Added a comment: anyone saw/worked on backend for watchdox service? (not ↵Gravatar https://me.yahoo.com/a/EbvxpTI_xP9Aod7Mg4cwGhgjrCrdM5s-#7c0f42015-12-08
|/ | | | free one but needed :-/)
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-06 18:05:16 +0000