Announcement

Collapse
No announcement yet.

"git clone" Hit By Vulnerability That Could Lead To Code Execution

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • "git clone" Hit By Vulnerability That Could Lead To Code Execution

    Phoronix: "git clone" Hit By Vulnerability That Could Lead To Code Execution

    Disclosed today is CVE-2021-21300 as a security vulnerability affecting git clone that could lead to specially crafted repositories being able to execute code during the Git clone process...

    https://www.phoronix.com/scan.php?pa...CVE-2021-21300

  • #2
    "on case-insensitive filesystems which support symbolic links"
    Are there many of those ? I use case-sensitive filesystems, and those I knew insensitive didn't have symlinks.

    Comment


    • #3
      Can't ext4 be configured that way now?

      Comment


      • #4
        Originally posted by PluMGMK View Post
        Can't ext4 be configured that way now?
        I think so. I just wondered whether many people do.

        Comment


        • #5
          Originally posted by phoron View Post
          "on case-insensitive filesystems which support symbolic links"
          Are there many of those ? I use case-sensitive filesystems, and those I knew insensitive didn't have symlinks.
          macOS; I can at least confirm that the filesystem on mine are APFS and case-insensitive out of the box (and they call this a Unix system )

          Comment


          • #6
            Originally posted by phoron View Post

            I think so. I just wondered whether many people do.
            Since Linux 5.2 apparently, and more recently the feature was added to f2fs as well. I doubt many Linux-users have their system set-up like that though, unless you as an end-user specifically did so. Android, macOS and obviously Windows (duh) are able to run run case insensitive file systems.

            Comment


            • #7
              Originally posted by phoron View Post
              "on case-insensitive filesystems which support symbolic links"
              Are there many of those ? I use case-sensitive filesystems, and those I knew insensitive didn't have symlinks.
              It affects NTFS, HFS+ and APFS.

              Comment


              • #8
                Thanks, I see I'm not up to date with windows and Mac. I thought Macs where case sensitive and Windows had no links ... Now I know more.

                Comment


                • #9
                  Originally posted by phoron View Post
                  Thanks, I see I'm not up to date with windows and Mac. I thought Macs where case sensitive and Windows had no links ... Now I know more.
                  Well... NTFS has both soft and hard links and is internally case-sensitive

                  Comment


                  • #10
                    nice moove,
                    So a 'rm -rf * &' will do the trick..

                    think 10 times now, before git cloning something..
                    Last edited by tuxd3v; 09 March 2021, 04:32 PM.

                    Comment

                    Working...
                    X