Fix an issue where "git" may be unable to read a temporary file in Diffusion

Summary:
Ref T13673. After the changes in that task, we may execute "git config -l ..." as a user other than the user we used to write this temporary file.

Use "--file -" to pass the data instead, avoiding use of temporary files. This makes us agnostic to filesystem permissions.

Test Plan: Viewed a Git repository with submodules in Diffusion with "ssh.user" configured as a user relatively isolated from the webserver user.

Maniphest Tasks: T13673

Differential Revision: https://secure.phabricator.com/D21759

src/applications/diffusion/conduit/DiffusionBrowseQueryConduitAPIMethod.php

@@ -229,11 +229,19 @@ final class DiffusionBrowseQueryConduitAPIMethod
         $commit);
 
       if (!$err) {
-        $tmp = new TempFile();
-        Filesystem::writeFile($tmp, $contents);
-        list($module_info) = $repository->execxLocalCommand(
-          'config -l -f %s',
-          $tmp);
+
+        // NOTE: After T13673, the user executing "git" may not be the same
+        // as the user this process is running as (usually the webserver user),
+        // so we can't reliably use a temporary file: the daemon user may not
+        // be able to use it.
+
+        // Use "--file -" to read from stdin instead. If this fails in some
+        // older versions of Git, we could exempt this particular command from
+        // sudoing to the daemon user.
+
+        $future = $repository->getLocalCommandFuture('config -l --file - --');
+        $future->write($contents);
+        list($module_info) = $future->resolvex();
 
         $dict = array();
         $lines = explode("\n", trim($module_info));