Yes, unfortunately it's pretty trivial. Any time arbitrary file write is possibl... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		caust1c 7 months ago \| parent \| context \| favorite \| on: Breaking Git with a carriage return and cloning RC... Yes, unfortunately it's pretty trivial. Any time arbitrary file write is possible, RCE is usually possible too.

lostmsu 7 months ago [–]

Could this be mitigated by moving .git out of work tree directory and using unprivileged process that only has access to work tree directory to do all the file manipulation?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact