commit 88936b11aff49e48f79842e4628c55620e0ad736
parent b830119762416fa8706e479e9b01f2453d6f6ad6
Author: Martin F. Krafft <madduck@madduck.net>
Date: Wed, 14 Aug 2019 10:26:55 +1200
Unset variables messing with Git use
This patch makes sure that variables from the environment cannot
override e.g. the Git directory to operate on, as well as other critical
parts of Git operations. These variables are:
- GIT_DIR
- GIT_WORK_TREE
- GIT_NAMESPACE
- GIT_INDEX_FILE
- GIT_INDEX_VERSION
- GIT_OBJECT_DIRECTORY
- GIT_COMMON_DIR
If any of those are set, pass might end up operating on another
repository, and things would break.
I caught this having GIT_DIR set, but fortunately the other repository
had a .gitignore that would have ignored the file:
```
fishbowl~% echo $GIT_DIR
/home/madduck/.config/vcsh/repo.d/zsh.git
fishbowl~% pass generate test
The following paths are ignored by one of your .gitignore files:
.password-store/test.gpg
Use -f if you really want to add them.
The generated password for test is:
…
```
The result was an orphan file `test.gpg` in the password-store root.
Signed-off-by: Martin F. Krafft <madduck@madduck.net>
Diffstat:
1 file changed, 1 insertion(+), 0 deletions(-)
diff --git a/src/password-store.sh b/src/password-store.sh
@@ -20,6 +20,7 @@ GENERATED_LENGTH="${PASSWORD_STORE_GENERATED_LENGTH:-25}"
CHARACTER_SET="${PASSWORD_STORE_CHARACTER_SET:-[:punct:][:alnum:]}"
CHARACTER_SET_NO_SYMBOLS="${PASSWORD_STORE_CHARACTER_SET_NO_SYMBOLS:-[:alnum:]}"
+unset GIT_DIR GIT_WORK_TREE GIT_NAMESPACE GIT_INDEX_FILE GIT_INDEX_VERSION GIT_OBJECT_DIRECTORY GIT_COMMON_DIR
export GIT_CEILING_DIRECTORIES="$PREFIX/.."
#
