Skip to content

Commit c3e0a07

Browse files
vdyedscho
authored andcommitted
Merge branch 'safe.directory-and-windows'
These two patches made it into Git for Windows v2.35.2, but not into Git v2.35.2. Signed-off-by: Victoria Dye <[email protected]> Signed-off-by: Johannes Schindelin <[email protected]>
2 parents 34c3af9 + 4cad716 commit c3e0a07

File tree

2 files changed

+37
-0
lines changed

2 files changed

+37
-0
lines changed

Documentation/config/safe.txt

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,3 +26,9 @@ directory was listed in the `safe.directory` list. If `safe.directory=*`
2626
is set in system config and you want to re-enable this protection, then
2727
initialize your list with an empty value before listing the repositories
2828
that you deem safe.
29+
+
30+
Due to the permission model on Windows where ACLs are used instead of
31+
Unix' simpler permission model, it can be a bit tricky to figure out why
32+
a directory is considered unsafe. To help with this, Git will provide
33+
more detailed information when the environment variable
34+
`GIT_TEST_DEBUG_UNSAFE_DIRECTORIES` is set to `true`.

compat/mingw.c

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
#include "../git-compat-util.h"
22
#include "win32.h"
33
#include <aclapi.h>
4+
#include <sddl.h>
45
#include <conio.h>
56
#include <wchar.h>
67
#include "../strbuf.h"
@@ -3028,6 +3029,7 @@ int is_path_owned_by_current_sid(const char *path)
30283029
else if (sid && IsValidSid(sid)) {
30293030
/* Now, verify that the SID matches the current user's */
30303031
static PSID current_user_sid;
3032+
BOOL is_member;
30313033

30323034
if (!current_user_sid)
30333035
current_user_sid = get_current_user_sid();
@@ -3036,6 +3038,35 @@ int is_path_owned_by_current_sid(const char *path)
30363038
IsValidSid(current_user_sid) &&
30373039
EqualSid(sid, current_user_sid))
30383040
result = 1;
3041+
else if (IsWellKnownSid(sid, WinBuiltinAdministratorsSid) &&
3042+
CheckTokenMembership(NULL, sid, &is_member) &&
3043+
is_member)
3044+
/*
3045+
* If owned by the Administrators group, and the
3046+
* current user is an administrator, we consider that
3047+
* okay, too.
3048+
*/
3049+
result = 1;
3050+
else if (git_env_bool("GIT_TEST_DEBUG_UNSAFE_DIRECTORIES", 0)) {
3051+
LPSTR str1, str2, to_free1 = NULL, to_free2 = NULL;
3052+
3053+
if (ConvertSidToStringSidA(sid, &str1))
3054+
to_free1 = str1;
3055+
else
3056+
str1 = "(inconvertible)";
3057+
3058+
if (!current_user_sid)
3059+
str2 = "(none)";
3060+
else if (!IsValidSid(current_user_sid))
3061+
str2 = "(invalid)";
3062+
else if (ConvertSidToStringSidA(current_user_sid, &str2))
3063+
to_free2 = str2;
3064+
else
3065+
str2 = "(inconvertible)";
3066+
warning("'%s' is owned by:\n\t'%s'\nbut the current user is:\n\t'%s'", path, str1, str2);
3067+
LocalFree(to_free1);
3068+
LocalFree(to_free2);
3069+
}
30393070
}
30403071

30413072
/*

0 commit comments

Comments
 (0)