I guess this is what happens
when linux devs get access to a slightly more sophisticated permissions system?
After a hefty Patch Tuesday comes news of an update for Git to deal with a vulnerability for the source shack when run on Microsoft's Windows. A variety of releases were emitted by the team. These include the latest maintenance release, 2.35.2, along with updates for older maintenance tracks (v2.30.3, v2.31.2, v2.32.1, v2.33.2 …
Since some configuration variables (such as core.fsmonitor) cause Git to execute arbitrary commands, this can lead to arbitrary command execution when working on a shared machine.”
Git runs arbitrary commands from arbitrary locations.
Yes, it you want per-user config, it should be stored in protected per-user storage, and it you want arbitrary commands, they should be in trusted locations,
In a properly configured native program, the trusted locations would also be configured in trusted per-user storage. But the world does seem to be drifting away from properly configured multi-user PCs: most of my users consider 'sharing a PC' to be on a level with 'sharing a toothbrush' or 'sharing underwear'.