0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-22 23:33:15 -05:00
forgejo/routers/private
Gergely Nagy 8eba631f8d
hooks: Harden when we accept push options that change repo settings
It is possible to change some repo settings (its visibility, and
template status) via `git push` options: `-o repo.private=true`, `-o
repo.template=true`.

Previously, there weren't sufficient permission checks on these, and
anyone who could `git push` to a repository - including via an AGit
workflow! - was able to change either of these settings. To guard
against this, the pre-receive hook will now check if either of these
options are present, and if so, will perform additional permission
checks to ensure that these can only be set by a repository owner or
an administrator. Additionally, changing these settings is disabled for
forks, even for the fork's owner.

There's still a case where the owner of a repository can change the
visibility of it, and it will not propagate to forks (it propagates to
forks when changing the visibility via the API), but that's an
inconsistency, not a security issue.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Signed-off-by: Earl Warren <contact@earl-warren.org>
2024-04-19 16:53:14 +02:00
..
tests/repos
actions.go Clean up log messages (#30313) 2024-04-15 20:01:35 +02:00
default_branch.go Move get/set default branch from git package to gitrepo package to hide repopath (#29126) 2024-03-11 23:36:59 +07:00
hook_post_receive.go Do not update PRs based on events that happened before they existed 2024-04-11 11:16:23 +02:00
hook_pre_receive.go hooks: Harden when we accept push options that change repo settings 2024-04-19 16:53:14 +02:00
hook_proc_receive.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
hook_verification.go Clean up log messages (#30313) 2024-04-15 20:01:35 +02:00
hook_verification_test.go Adjust object format interface (#28469) 2023-12-17 11:56:08 +00:00
internal.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
internal_repo.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
key.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
mail.go Clean up log messages (#30313) 2024-04-15 20:01:35 +02:00
main_test.go make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
manager.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
manager_process.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
manager_unix.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
manager_windows.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
restore_repo.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
serv.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
ssh_log.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00