annotate README @ 32050:77eaf9539499 stable 4.1.3
dispatch: protect against malicious 'hg serve --stdio' invocations (sec)
Some shared-ssh installations assume that 'hg serve --stdio' is a safe
command to run for minimally trusted users. Unfortunately, the messy
implementation of argument parsing here meant that trying to access a
repo named '--debugger' would give the user a pdb prompt, thereby
sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S)
is unaffected.

We're not currently hardening any subcommands other than 'serve'. If
your service exposes other commands to users with arbitrary repository
names, it is imperative that you defend against repository names of
'--debugger' and anything starting with '--config'.

The read-only mode of hg-ssh stopped working because it provided its hook
configuration to "hg serve --stdio" via --config parameter. This is banned for
security reasons now. This patch switches it to directly call ui.setconfig().

If your custom hosting infrastructure relies on passing --config to
"hg serve --stdio", you'll need to find a different way to get that configuration
into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch,
or by placing an hgrc file someplace where Mercurial will read it.

mitrandir@fb.com provided some extra fixes for the dispatch code and
for hg-ssh in places that I overlooked.
| field | value |
|---|---|
| author | Augie Fackler <augie@google.com> |
| date | Wed, 12 Apr 2017 11:23:55 -0700 |
| parents | 4b0fc75f9403 |
| children | 76b171209151 |
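The commit message above describes the hazard: a repository name that the wrapper forwards to 'hg serve --stdio' is parsed as a command-line option, so '--debugger' or anything beginning with '--config' changes the behaviour of the privileged command. The following is an added example, not code from this page, from Mercurial or from hg-ssh: a Python check of the kind a shared-ssh wrapper can apply to SSH_ORIGINAL_COMMAND before it executes anything. The function names, the allowed-root directory and the sample command strings are assumptions made for the example; the real hg-ssh script is not reproduced here.

```python
import os
import shlex

# Hypothetical allowed root under which all served repositories live
# (constructed for this example; a real wrapper would use its own list or root).
ALLOWED_ROOT = "/srv/hg"


def parse_serve_command(original_command):
    """Split an SSH_ORIGINAL_COMMAND string and accept only the exact shape
    'hg -R <repo> serve --stdio'.  Returns the repo argument, or None.

    Any extra token (for example a trailing '--debugger') or a different
    subcommand is rejected here, before the repo name is even looked at."""
    try:
        argv = shlex.split(original_command)
    except ValueError:
        # Unbalanced quotes: not a command we are willing to interpret.
        return None
    if len(argv) != 5:
        return None
    if argv[0] != "hg" or argv[1] != "-R" or argv[3:] != ["serve", "--stdio"]:
        return None
    return argv[2]


def validate_repo_name(repo, allowed_root):
    """Reject repository names that would be parsed as options once they are
    placed on the hg command line ('--debugger', '--config=...', '-q', ...),
    and names that resolve outside the allowed root.

    Returns the canonical repository path or raises ValueError."""
    if not repo or repo.startswith("-"):
        raise ValueError("repository name must not look like an option: %r" % repo)
    root = os.path.realpath(allowed_root)
    path = os.path.realpath(os.path.join(root, repo))
    # realpath() collapses '..' and symlinks, so a prefix check is enough here.
    if path != root and not path.startswith(root + os.sep):
        raise ValueError("repository outside allowed root: %r" % repo)
    return path


def build_serve_argv(original_command, allowed_root=ALLOWED_ROOT):
    """Return the argv the wrapper would execute, or None if the request is
    rejected.  Read-only hook configuration is deliberately NOT passed as a
    '--config' argument; as the commit describes, that must be applied
    through ui.setconfig() or an hgrc file instead."""
    repo = parse_serve_command(original_command)
    if repo is None:
        return None
    try:
        path = validate_repo_name(repo, allowed_root)
    except ValueError:
        return None
    return ["hg", "-R", path, "serve", "--stdio"]


if __name__ == "__main__":
    # Constructed sample commands, as they might arrive in SSH_ORIGINAL_COMMAND.
    for cmd in ["hg -R project serve --stdio",
                "hg -R --debugger serve --stdio",
                "hg -R '--config=hooks.pretxnchangegroup=true' serve --stdio",
                "hg -R ../../etc serve --stdio",
                "hg -R project serve --stdio --debugger"]:
        print("%-62s -> %s" % (cmd, build_serve_argv(cmd)))
```

The order of the checks matters: the command shape is fixed first, then the repository name is refused if it starts with '-' at all, which covers '--debugger', '--config' and '--config=...' without needing a blocklist of individual option names, and only then is the name resolved against the allowed root.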

| rev | line | source |
|---|---|---|
| 12857 (a9f91c844a3b: README: add small introduction, Martin Geisler <mg@lazybytes.net>, parent 12856) | 1 | Mercurial |
| | 2 | ========= |
| | 3 | |
| | 4 | Mercurial is a fast, easy to use, distributed revision control tool |
| | 5 | for software developers. |
| | 6 | |
| 3935 | 7 | Basic install: |
| 0 (9117c6561b0b: Add back links from file revisions to changeset revisions, mpm@selenic.com) | 8 | |
| 3935 | 9 | $ make # see install targets |
| | 10 | $ make install # do a system-wide install |
| | 11 | $ hg debuginstall # sanity-check setup |
| | 12 | $ hg # see help |
| 205 (d255d99a7cbd: README: integrate some changes from Kevin Smith, mpm@selenic.com, parent 204) | 13 | |
| 16217 (df5ecb813426: readme: mention how to run in-place, Ross Lagerwall <rosslagerwall@gmail.com>, parent 12857) | 14 | Running without installing: |
| | 15 | |
| | 16 | $ make local # build for inplace usage |
| | 17 | $ ./hg --version # should show the latest version |
| | 18 | |
| 26421 (4b0fc75f9403: urls: bulk-change primary website URLs, Matt Mackall <mpm@selenic.com>, parent 16217) | 19 | See https://mercurial-scm.org/ for detailed installation |
| 3935 | 20 | instructions, platform-specific notes, and Mercurial user information. |