undefined | Better HN

0 pointsjcranberry3y ago0 comments

Damn. So the script I use to put the branch name in my prompt is bad? Could I solve this by making .git/config readonly for non sudo?

0 comments

WorldMaker3y ago

The concern here is more on `sudo vi /.git/config` than `sudo vi ~/.git/config`. Someone adding a "root" git config that you don't expect/intend to exist.

If you think things are locked down strongly enough with sudo and never install anything that might add root files you don't expect you are most likely safe.

This release also adds an environment variable you can set that makes certain that git has a "ceiling" that it never crosses when checking for .git/config files. The idea being that you'd never want git to look above `/user/*/` for instance, as you'd never expect to have a "machine-wide" git config.

j / k navigate · click thread line to collapse

0 comments

WorldMaker3y ago

The concern here is more on `sudo vi /.git/config` than `sudo vi ~/.git/config`. Someone adding a "root" git config that you don't expect/intend to exist.

If you think things are locked down strongly enough with sudo and never install anything that might add root files you don't expect you are most likely safe.

j / k navigate · click thread line to collapse