[PATCH] tests: Make sure that git does not access $HOME
Jason A. Donenfeld
Jason at zx2c4.com
Mon Apr 8 22:20:12 CEST 2013
From: "Jason A. Donenfeld" <Jason at zx2c4.com>
With the latest changes to prevent git from accessing configuration
files that it should not, it's important to be sure that we won't
have further breakage in the future.
Use strace to implement a test to make sure cgit does not access()
anything built from $HOME.
Signed-off-by: Jason A. Donenfeld <Jason at zx2c4.com>
---
tests/t0109-gitconfig.sh | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
create mode 100755 tests/t0109-gitconfig.sh
diff --git a/tests/t0109-gitconfig.sh b/tests/t0109-gitconfig.sh
new file mode 100755
index 0000000..b68866f
--- /dev/null
+++ b/tests/t0109-gitconfig.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+test_description='Ensure that git does not access $HOME'
+. ./setup.sh
+
+test -n "$(which strace 2>/dev/null)" || {
+ skip_all='Skipping access validation tests: strace not found'
+ test_done
+ exit
+}
+
+test_expect_success 'no access to $HOME' '
+ non_existant_path="/path/to/some/place/that/does/not/possibly/exist/$(date +%N)"
+ strace -E HOME="$non_existant_path" -E CGIT_CONFIG="$PWD/cgitrc" \
+ -E QUERY_STRING="url=foo/commit" -e access -f cgit 2>&1 >/dev/null | \
+ test_must_fail grep "$non_existant_path"
+'
+
+test_done
--
1.8.1.5
More information about the CGit
mailing list