I'm working with Jupyter Notebook in a git repo hosted on GitHub. I use clean and smudge filters to keep the output and certain pieces from metadata from being tracked by git. I include instructions in the README to set them up...
git config filter.notebook.clean <command>
git config filter.notebook.smudge "cat"
...but it would be nice if they could be set up automatically AND tracked with git.
While trying to do this, I encountered comments suggesting that allowing filters to be installed with git clone would pose security risks.
So, what are the security risks associated with allowing smudge and cleaning filters to be set up on git clone?
Please leave a comment if you have advice for how I can improve this question. Here are examples of similar security-related questions about specific technologies that fit this site.
Allowing git clone to execute filters defined by the repository you are cloning implies that the act of cloning would allow arbitrary commands to be executed on your machine over which you have no control. Even if you reviewed the code and trust the repository, you can never be completely sure that a new commit didn't get pushed right before you cloned with filter commands that do something nefarious.
Well, 99% of the time you will probably do an npm install, or something similar, right after you clone the repository any way which in fact does allow arbitrary code to run on your machine by design. This is a security vulnerability that has been exploited in the past to good effect.