Jeff King wrote:
> On Wed, May 10, 2017 at 10:00:44AM -0700, Jonathan Nieder wrote:
>> Jeff King wrote:

>>> [1] The reachability checks from upload-pack don't actually do much on
>>>     GitHub, because you can generally access the objects via the API or
>>>     the web site anyway.
[...]
>> Given that, what would make me really happy is if github enables
>> uploadpack.allowAnySHA1InWant.  That would be useful for me, at least.
>
> One of my hesitations is that we've actually considered moving in the
> opposite direction. The object storage for all of the repositories in a
> network is shared, so I can fork git.git, push up malicious crap, and
> then point people to:
>
>   https://github.com/git/git/commit/$sha1
>
> and it resolves. Obviously there's a social-engineering component to any
> such attack, but it's not great. And even without security in mind, it's
> potentially confusing.
[...]
> But even leaving all the refs/pull stuff aside, allowAnySHA1InWant does
> seem to increase that confusion, and I don't see a way around it short
> of never sharing objects between repositories at all. So I think at most
> we'd do allowReachableSHA1InWant.

I had guessed you didn't want to do allowReachableSHA1InWant for
performance reasons.  (I haven't checked to what extent we are already
taking advantage of bitmaps to avoid a slow reachability check.)  If I
was wrong and allowReachableSHA1InWant is on the table then it is of
course even better. :)

Thanks,
Jonathan
