mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-09 06:10:17 +03:00
832107c6dc
Fixes the following security issue: CVE-2022-24765: On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when there is a scratch space (`/scratch/`) intended for all users and another user created a repository in `/scratch/.git`. Merely having a Git-aware prompt that runs `git status` (or `git diff`) and navigating to a directory which is supposedly not a Git worktree, or opening such a directory in an editor or IDE such as VS Code or Atom, will potentially run commands defined by that other user via `/scratch/.git/config`. https://www.openwall.com/lists/oss-security/2022/04/12/7 Signed-off-by: Peter Korsgaard <peter@korsgaard.com>