Questions tagged [git]
A popular distributed revision control system. Built for speed, data integrity and with support for distributed, non-linear workflows.
114 questions
0 votes, 0 answers, 69 views
Most secure method for a git workflow to reach another private github repo
I am working on multiple github workflows and these workflows need to reach other private repos within my organizations (these workflows might need to read and clone these repos or activate other ...
20 votes, 3 answers, 8k views
How can I ensure that my Git projects have not been tampered with?
The origin of this whole mess is the news article Beware of Lazarus LinkedIn Recruiting Scam Targeting Org’s To Deliver Malware.
Someone may have breached my system - as in had access to my personal ...
1 vote, 1 answer, 327 views
Does it matter (and go widely unnoticed) that GitLab CI+docker-executor produces world-writable files, or do "we" need to raise awareness for that? [closed]
I have a vague feeling that there is a widespread security problem which goes unnoticed. I'm trying to find out how to check the level of relevance and awareness out there or how to maybe raise it.
...
0 votes, 0 answers, 137 views
etckeeper: check out in a safe way?
Etckeeper is great, but it's not clear from the docs how to check out a commit or a branch directly in /etc in a secure way. The issue is that when you do a checkout, git doesn't care about metadata and ...
0 votes, 1 answer, 142 views
How can I keep git ssh keys from developers in server
I'm trying to meet a requirement where devs can log in to a server, launch, and test code without having the ability to pull (or access any ssh keys) code from the repository.
I don't want to grant ...
2 votes, 0 answers, 172 views
How to scan and sanitize STL files?
Are there any tools to scan and/or sanitize .stl files?
I maintain a security-critical GitHub repo. A contributor recently created a PR that includes changes to .md, .scad, and .stl files.
The changes ...
1 vote, 1 answer, 901 views
Safely use Git Bash on Windows [closed]
I've recently downloaded and installed Git Bash for Windows from https://git-scm.com/downloads; my primary goal is to use it for pushing code to GitHub. I've already connected Git Bash with GitHub in the browser ...
16 votes, 5 answers, 5k views
Is it possible to sign Git commits on a different computer?
I'm doing some development work on an untrusted computer. I'd like to sign the commits I make from it, but I don't want my personal PGP key to touch this computer. Or maybe I'm using a PGP smart card ...
1 vote, 2 answers, 146 views
Is it safe to keep a JDBC SQLite URI in source code?
If I commit the name of the SQLite database in the JDBC SQLite URI in the source code like below, is it possible for an attacker to exploit the URI?
Should I replace the name of the SQLite db with code to ...
0 votes, 1 answer, 298 views
How does github save files?
In Linux, "everything is a file". This makes it so that malicious code can practically be put into any file.
If I create a malicious .pdf file and upload it to github, this file can be ...
2 votes, 0 answers, 182 views
Why are certain hashes missing from the .git objects folder?
I'm currently attempting to pentest a web application created by a relation, who wanted me to find vulnerabilities and to let him know what exploits would be possible with said vulnerabilities.
I have ...
3 votes, 0 answers, 814 views
Is git-crypt or transcrypt more secure?
I'm looking at using either git-crypt or transcrypt to "transparently" encrypt a few secret files in a private github repository, using a symmetric key.
Separate from the debate of whether ...
0 votes, 2 answers, 573 views
Is git sparse-checkout secure?
I'm a software developer and our entire code of the project is stored in a single git repository. A small part of this now needs to be made available to a customer. He does not need to push to the ...
2 votes, 1 answer, 249 views
Git Remote Code Execution vulnerabilities as of January 17, 2023
GitHub Blog: https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2
Git has 3 new Remote Code Execution vulnerabilities.
It's said in the blog that Git was already patched by version ...
0 votes, 0 answers, 90 views
enforcing version integrity on git repos
I'm working through a tabletop on code control and the question of ransomware came up. I figure someone has solved this.
Git is naturally resistant to ransomware - if someone's local copy of code gets ...