compinit security (Re: Simple Tip of the Day)

zsh-users
 help / color / mirror / code / Atom feed

From: Bart Schaefer <schaefer@brasslantern.com>
To: zsh-users@sunsite.dk
Subject: compinit security (Re: Simple Tip of the Day)
Date: Sun, 04 Dec 2005 00:24:48 +0000	[thread overview]
Message-ID: <1051204002448.ZM15274@candle.brasslantern.com> (raw)
In-Reply-To: <s064p1p3p6odgc5pae060lmtkob5tqki2g@4ax.com>

On Dec 3, 10:20pm, zzapper wrote:
}
} ignore insecure directories and files and continue [ny]? 
} compinit: initialization aborted
} 
} how do I get it to default to y

You can't, but you don't really want to.  An answer of "n" means abort,
and an answer of "y" means to skip reading the insecure directories.

The compsys manual section says under "Initialization":

    For security reasons compinit also checks if the completion system
    would use files not owned by root or by the current user, or files
    in directories that are world- or group-writable or that are not
    owned by root or by the current user. If such files or directories
    are found, compinit will ask if the completion system should really
    be used.  To avoid these tests and make all files found be used
    without asking, use the option -u, and to make compinit silently
    ignore all insecure files and directories use the option -i. This
    security check is skipped entirely when the -C option is given.

In other words, it's paranoid about sourcing files that might have been
created or edited by a malicious third party.

next prev parent reply	other threads:[~2005-12-04  0:25 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-12-01 20:38 Simple Tip of the Day zzapper
2005-12-02  1:09 ` Vincent Lefevre
2005-12-02  9:13   ` Thorsten Kampe
2005-12-02 12:49     ` Mikael Magnusson
2005-12-02 19:20       ` zzapper
2005-12-03 20:28         ` zzapper
2005-12-03 22:08           ` Mikael Magnusson
2005-12-03 22:20             ` zzapper
2005-12-04  0:24               ` Bart Schaefer [this message]
2005-12-04  1:32               ` Mikael Magnusson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1051204002448.ZM15274@candle.brasslantern.com \
    --to=schaefer@brasslantern.com \
    --cc=zsh-users@sunsite.dk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).