grim/hgkeeper

Normalize paths before passing them to the authorization checker

16 months ago, Gary Kramlich
e33f7739ab49
Normalize paths before passing them to the authorization checker

This bug allowed attackers to bypass deny rules by adding a trailing / to the
repository which depending on the policy could grant them access to said
repository.
package globals
type Globals struct {
ReposPath string `kong:"flag,name='repos-path',env='HGK_REPOS_PATH',default='repos',help='the directory where the repositories are stored'"`
AdminRepo string `kong:"flag,name='admin-repo',env='HGK_ADMIN_REPO',default='hgkeeper',help='the name of the admin repo to create/use'"`
}