mirror of
https://github.com/capistrano/capistrano
synced 2023-03-27 23:21:18 -04:00
9c92ad51ed
Before, the `:git_wrapper_path` was a somewhat predictable value and located in `/tmp` by default, which is world-writable. That meant that there was a chance (albeit very small) that another process could guess the path and overwrite it with something malicious. Fix by randomly generating a path name so that the git wrapper script location cannot be predicted. This change should be transparent to capistrano users since the `:git_wrapper_path` is only intended to be used internally. If you need a predictable value for this path, set a custom value for `:git_wrapper_path` in your `deploy.rb` file. |
||
|---|---|---|
| .. | ||
| assertions.rb | ||
| cap_commands.rb | ||
| setup.rb | ||