On Fri, Sep 26, 2014 at 9:34 AM, Karanbir Singh <mail-lists at karan.org> wrote:
> On 09/25/2014 08:41 PM, Nico Kadel-Garcia wrote:
>
>> Thinking about it, the git CentOS repository could possibly be
>> vulnerable, depending on just how the git credentials are managed
>> there. I'd urge a check.
>
> no shell out happens at git.centos.org
>
> gitweb, however, is exposed. As is anything that does a system() call.

Cool. I'm curious how you do it, but would understand not wanting to
discuss that kind of security detail on a public mailing list.

Thinking further about it, if the web side uses something like Apache's
'mod_cgi', there are some separate risks there as well. I'd hope there's
no inappropriate write access for the 'httpd' user, even if you're
vulnerable. (I mention that for folks not as familiar with escalation
attacks.)
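The check the message urges, written out as an added example (this is not code from the thread or from the CentOS project): given a directory tree and a daemon account, list every path that account could write to, which is what turns a shell-out from a CGI into a persistence or escalation problem. The account name 'httpd' and the path /var/www/cgi-bin are assumptions for illustration; the script also treats group-writable files as writable only when the daemon account is actually a member of that group, and falls back to world-writable files alone if the account does not exist on the machine it is run on.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread.
# audit_writable DIR USER
#   Print every path under DIR that USER could modify:
#     - owned by USER,
#     - world-writable, or
#     - group-writable by a group USER belongs to.
#   If USER is not a known account here, only world-writable paths
#   are reported (so the check is still useful on an offline copy).
audit_writable() {
    dir=$1
    user=$2

    # Build the find(1) predicate list in the positional parameters so
    # the same code works in plain POSIX sh without arrays.
    set -- "$dir" \( -perm -0002

    if id "$user" >/dev/null 2>&1; then
        set -- "$@" -o -user "$user"
        # One clause per group the daemon account is a member of.
        for g in $(id -Gn "$user"); do
            set -- "$@" -o \( -group "$g" -perm -0020 \)
        done
    fi

    set -- "$@" \) -print
    find "$@" 2>/dev/null | sort
}

# Run directly: sh audit_writable.sh /var/www/cgi-bin httpd
# ('httpd' and the path are illustrative assumptions.)
if [ -n "${1:-}" ]; then
    audit_writable "$1" "${2:-httpd}"
fi
```

An empty result for the CGI directory, the document root and the daemon's home is what you want to see; anything listed is a place an attacker who gets code execution as that account could drop or alter files.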