)]}'
{
  "commit": "3b0bf2704980b1ed6018622bdf5377ec22289688",
  "tree": "fc860ab61ea0f38f044b1913b9a8a899f065b159",
  "parents": [
    "b779214eafe7fa6933524737f166ecca99bdf468"
  ],
  "author": {
    "name": "Carlo Marcelo Arenas Belón",
    "email": "carenas@gmail.com",
    "time": "Tue May 10 12:35:29 2022 -0700"
  },
  "committer": {
    "name": "Johannes Schindelin",
    "email": "johannes.schindelin@gmx.de",
    "time": "Thu Jun 23 12:31:05 2022 +0200"
  },
  "message": "setup: tighten ownership checks post CVE-2022-24765\n\n8959555cee7 (setup_git_directory(): add an owner check for the top-level\ndirectory, 2022-03-02), adds a function to check for ownership of\nrepositories using a directory that is representative of it, and ways to\nadd exempt a specific repository from said check if needed, but that\ncheck didn\u0027t account for owership of the gitdir, or (when used) the\ngitfile that points to that gitdir.\n\nAn attacker could create a git repository in a directory that they can\nwrite into but that is owned by the victim to work around the fix that\nwas introduced with CVE-2022-24765 to potentially run code as the\nvictim.\n\nAn example that could result in privilege escalation to root in *NIX would\nbe to set a repository in a shared tmp directory by doing (for example):\n\n  $ git -C /tmp init\n\nTo avoid that, extend the ensure_valid_ownership function to be able to\ncheck for all three paths.\n\nThis will have the side effect of tripling the number of stat() calls\nwhen a repository is detected, but the effect is expected to be likely\nminimal, as it is done only once during the directory walk in which Git\nlooks for a repository.\n\nAdditionally make sure to resolve the gitfile (if one was used) to find\nthe relevant gitdir for checking.\n\nWhile at it change the message printed on failure so it is clear we are\nreferring to the repository by its worktree (or gitdir if it is bare) and\nnot to a specific directory.\n\nHelped-by: Junio C Hamano \u003cjunio@pobox.com\u003e\nHelped-by: Johannes Schindelin \u003cJohannes.Schindelin@gmx.de\u003e\nSigned-off-by: Carlo Marcelo Arenas Belón \u003ccarenas@gmail.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "aad9ace0af97efe342383616b2d800f226df0f4a",
      "old_mode": 33188,
      "old_path": "setup.c",
      "new_id": "9dcecda65b0a5babc26dec7c278dbef8086bc942",
      "new_mode": 33188,
      "new_path": "setup.c"
    }
  ]
}
