"accidental [mis]feature" -- yet another admin->shell hole blocked!
This is a pretty big hole, really. Only the fact that Eli called it an "accidental feature" helped catch it :) Notes on the code: An explicit list of paths -- maybe just "conf", "keydir", and "local" -- would have been easier, but this isn't too bad, I think.
This commit is contained in:
parent
55e754a09f
commit
5fd9328c1c
|
@ -2,7 +2,8 @@
|
|||
|
||||
# checkout the master branch to $GL_ADMINDIR
|
||||
# (the GL_ADMINDIR env var would have been set by gl-auth-command)
|
||||
GIT_WORK_TREE=$GL_ADMINDIR git checkout -f master
|
||||
GIT_WORK_TREE=$GL_ADMINDIR git checkout -f master -- \
|
||||
`git ls-tree master | cut -f2 | perl -lne 'print unless /^(src|hooks)$/'`
|
||||
|
||||
od=$PWD
|
||||
cd $GL_ADMINDIR
|
||||
|
|
Loading…
Reference in a new issue