|
|
|
|
|
|
by faiD9Eet
1071 days ago
|
|
|
For the sake of this argument, lets suppose you run a git server. Users $(ssh) into your host and are only allowed to execute the command $(git), for instance for submitting a copy of their repository. You think: It's fine, the user cannot mess up anything on this system since he is restricted to run git. Allowing any user $(git) access is as powerful as providing the user a $(bash) Suppose you've got a build pipeline. The pipeline executes $(zip) at some point. Executing zip is as powerful as providing any of the pipelines users a $(bash). |
|
|
Congratulations. Git without bash. Unless there's another escape I'm not aware of.