capistrano

mirror of https://github.com/capistrano/capistrano synced 2023-03-27 23:21:18 -04:00

History

Matt Brictson 9c92ad51ed Security: randomize path of git wrapper script Before, the `:git_wrapper_path` was a somewhat predictable value and located in `/tmp` by default, which is world-writable. That meant that there was a chance (albeit very small) that another process could guess the path and overwrite it with something malicious. Fix by randomly generating a path name so that the git wrapper script location cannot be predicted. This change should be transparent to capistrano users since the `:git_wrapper_path` is only intended to be used internally. If you need a predictable value for this path, set a custom value for `:git_wrapper_path` in your `deploy.rb` file.	2021-01-05 07:57:02 -08:00
..
capistrano	Security: randomize path of git wrapper script	2021-01-05 07:57:02 -08:00
capistrano_spec.rb	Fix Style/ExtraSpacing	2016-02-28 17:56:07 -06:00

Security: randomize path of git wrapper script

Before, the `:git_wrapper_path` was a somewhat predictable value and
located in `/tmp` by default, which is world-writable. That meant that
there was a chance (albeit very small) that another process could guess
the path and overwrite it with something malicious.

Fix by randomly generating a path name so that the git wrapper script
location cannot be predicted.

This change should be transparent to capistrano users since the
`:git_wrapper_path` is only intended to be used internally. If you need
a predictable value for this path, set a custom value for
`:git_wrapper_path` in your `deploy.rb` file.

2021-01-05 07:57:02 -08:00

capistrano

Security: randomize path of git wrapper script

2021-01-05 07:57:02 -08:00

capistrano_spec.rb

Fix Style/ExtraSpacing

2016-02-28 17:56:07 -06:00