mirror of https://we.phorge.it/source/phorge.git synced 2024-12-31 18:01:00 +01:00
epriestley 3125d7a5f4 In Git, always "sudo" to the daemon user if a daemon user is configured
Summary:
See T13673. Recent versions of Git (and older versions with backported security patches) now refuse to run Git commands if the top-level repository directory is not owned by the user running the command.

Currently, we "sudo" to that user only when performing writes, so upgrading Git can aggressively break a Phabricator system by knocking out essentially all Diffusion/Conduit read pathways.

As an immediate mitigation, just "sudo" in all cases where a daemon user is available. This fixes the problem, and seems like the least-bad approach. The downside is that the web user may theoretically have fewer privileges than the daemon user and this could reduce the number of layers an attacker armed with some other Git vulnerability might have to get through to do something dangerous (e.g., perform a write on a pathway where only reads are expected), but any separation between the web and daemon accounts is essentially theoretical and has never been enforced.

Test Plan: Applied patch to impacted Phacility shard, saw Diffusion work properly again.

Differential Revision: https://secure.phabricator.com/D21756
2022-04-13 11:23:55 -07:00
bin Remove the "ssh-auth-key" script 2019-10-28 17:52:37 -07:00
conf Remove an old digest in Celerity code and some obsolete configuration options 2019-01-04 13:43:38 -08:00
externals Update SES API to use AWSv4 signatures 2020-09-15 13:03:49 -07:00
resources Give Phame blog posts configurable interact policies, with a default policy of "Same as Blog" 2022-04-01 12:52:58 -07:00
scripts Fix a PHP 8.1 strlen() issue with "mysql.pass" configuration 2021-12-16 15:24:21 -08:00
src In Git, always "sudo" to the daemon user if a daemon user is configured 2022-04-13 11:23:55 -07:00
support Suppress PHP 8 deprecation warning in startup 2021-07-20 21:07:33 -04:00
webroot Add a side nav to Conduit API method console pages 2021-07-21 14:16:59 -07:00
.arcconfig Set "history.immutable" to "false" explicitly in .arcconfig 2016-08-03 08:12:49 -07:00
.arclint Fix a PHP 8.1 strlen() issue with "mysql.pass" configuration 2021-12-16 15:24:21 -08:00
.arcunit Use the configuration driven unit test engine 2015-08-11 07:57:11 +10:00
.editorconfig Fix text lint issues 2015-02-12 07:00:13 +11:00
.gitignore Make i18n string extraction faster and more flexible 2016-07-04 10:23:30 -07:00
LICENSE Fix text lint issues 2015-02-12 07:00:13 +11:00
NOTICE Remove some "Phacility" and "epriestley" references 2021-07-08 10:46:17 -07:00
README.md Document Phabricator as no longer actively maintained 2021-05-29 13:58:22 -07:00

Effective June 1, 2021: Phabricator is no longer actively maintained.

Phabricator is a collection of web applications for software development.

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.