Do not complain if C:\ProgramData\Git\config is owned by a specific administrator
#2336
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Let's refactor the `validate_system_file_ownership()` a bit, not only to clarify what is done, but also to prepare for maybe adding a slighty more expensive check: it is possible that the file `C:\ProgramData\Git\config` is owned by the local administrator (who has a different SID than the `Administrators` group). Signed-off-by: Johannes Schindelin <[email protected]>
1 task
We recently hardened Git for Windows by ignoring `C:\ProgramData\Git\config` files unless they are owned by the system account, by the administrators group, or by the account under which Git is running. Turns out that there are situations when that config file is owned by _an_ administrator, not by the entire administrators group, and that still is okay. This can happen very easily e.g. in Docker Containers. Let's add a fall back when the owner is none of the three currently expected ones, enumerating the members of the administrators group and comparing them to the file's owner. If a match is found, the owner is not dubious. Enumerating groups' members on Windows is not exactly a cheap operation, and it requires linking to the `netapi32.dll`. Since this is rarely needed, and since this is done at most a handful of times during any Git process' life cycle, it is okay that it is a bit expensive. To avoid the startup cost of linking to yet another DLL, we do this lazily instead: that way, the vast majority of Git for Windows' users will not feel any impact by this patch. This fixes git-for-windows#2304. Signed-off-by: Johannes Schindelin <[email protected]>
dscho
force-pushed
the
program-data-config-owned-by-specific-administrator
branch
from
69c9a84 to
8f8ffd9
Compare
dscho
added a commit
that referenced
this pull request
Oct 2, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
dscho
added a commit
that referenced
this pull request
Oct 2, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 3, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 3, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
dscho
added a commit
that referenced
this pull request
Oct 4, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
dscho
added a commit
that referenced
this pull request
Oct 4, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 6, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 6, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 6, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 7, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 7, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 7, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 7, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 9, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 9, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 9, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 11, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
dscho
added a commit
that referenced
this pull request
Oct 11, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
dscho
added a commit
that referenced
this pull request
Oct 11, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
dscho
added a commit
that referenced
this pull request
Oct 12, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 15, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 15, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
dscho
added a commit
that referenced
this pull request
Oct 15, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 16, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
dscho
added a commit
that referenced
this pull request
Oct 16, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 17, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
dscho
added a commit
that referenced
this pull request
Oct 17, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 18, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
git-for-windows-ci
pushed a commit
that referenced
this pull request
Oct 18, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
dscho
added a commit
that referenced
this pull request
Oct 21, 2019
…ific-administrator Do not complain if `C:\ProgramData\Git\config` is owned by a specific administrator
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Recently, we hardened the ProgramData support by ignoring the config file when it is owned by a "dubious" user, i.e. by an account other than the local administrators group, the system account or the current user.
Turns out, there is at least one scenario where that config file can be legitimately owned by a specific administrator rather than the administrators group, and that still should not be treated as "dubious". Let's implement code to handle this situation gracefully.
This fixes #2304.