m-chrzan.xyz
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin F. Krafft <madduck@madduck.net>2019-08-14 10:26:55 +1200
committerJason A. Donenfeld <Jason@zx2c4.com>2019-11-28 12:18:25 +0100
commit88936b11aff49e48f79842e4628c55620e0ad736 (patch)
tree02fb1e2df84004caf5c2fd10d1dc4d360ed569c1
parentb830119762416fa8706e479e9b01f2453d6f6ad6 (diff)
Unset variables messing with Git use
This patch makes sure that variables from the environment cannot override e.g. the Git directory to operate on, as well as other critical parts of Git operations. These variables are: - GIT_DIR - GIT_WORK_TREE - GIT_NAMESPACE - GIT_INDEX_FILE - GIT_INDEX_VERSION - GIT_OBJECT_DIRECTORY - GIT_COMMON_DIR If any of those are set, pass might end up operating on another repository, and things would break. I caught this having GIT_DIR set, but fortunately the other repository had a .gitignore that would have ignored the file: ``` fishbowl~% echo $GIT_DIR /home/madduck/.config/vcsh/repo.d/zsh.git fishbowl~% pass generate test The following paths are ignored by one of your .gitignore files: .password-store/test.gpg Use -f if you really want to add them. The generated password for test is: … ``` The result was an orphan file `test.gpg` in the password-store root. Signed-off-by: Martin F. Krafft <madduck@madduck.net>
-rwxr-xr-xsrc/password-store.sh1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/password-store.sh b/src/password-store.sh
index 1d119f2..77f3eda 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -20,6 +20,7 @@ GENERATED_LENGTH="${PASSWORD_STORE_GENERATED_LENGTH:-25}"
CHARACTER_SET="${PASSWORD_STORE_CHARACTER_SET:-[:punct:][:alnum:]}"
CHARACTER_SET_NO_SYMBOLS="${PASSWORD_STORE_CHARACTER_SET_NO_SYMBOLS:-[:alnum:]}"
+unset GIT_DIR GIT_WORK_TREE GIT_NAMESPACE GIT_INDEX_FILE GIT_INDEX_VERSION GIT_OBJECT_DIRECTORY GIT_COMMON_DIR
export GIT_CEILING_DIRECTORIES="$PREFIX/.."
#