Re: "compinit -i" not excluding some insecure dirs?

zsh-workers
 help / color / mirror / code / Atom feed

From: Bart Schaefer <schaefer@brasslantern.com>
To: zsh-workers@zsh.org
Subject: Re: "compinit -i" not excluding some insecure dirs?
Date: Mon, 28 Sep 2015 14:17:32 -0700	[thread overview]
Message-ID: <150928141732.ZM15458@torch.brasslantern.com> (raw)
In-Reply-To: <56092456.3000006@apjanke.net>

On Sep 28,  7:28am, Andrew Janke wrote:
}
} What is the expected behavior for compinit's "-i" switch? The doco says 
} it will " silently ignore all insecure files and directories". I 
} interpret that to mean "silently exclude insecure files and dirs from 
} use in the completion system", as opposed to "silently ignore the 
} security check failures and use them anyway". If this is the case, it 
} looks like there might be an issue with the "compinit -i" code.

There's only so much that compinit can do.  It doesn't actually change
your $fpath to remove the insecure directories; it merely doesn't look
at them when scanning for files that contain #compdef, #autoload, etc.
on the first line.

So if you have fpath=(/insecure /secure) and there is _kill in both
places, the one in /secure will be used for #compdef at time of
compinit, but the one in /insecure will still be used at the time
the function is called, because $fpath search order says it should.

I must grudgingly admit that this is closely related to Ray Andrew's
(incorrect) expectation that once the "autoload" *command* is issued,
the source file of the corresponding function is locked down.

To really be secure, a re-check would have to be done at the instant
of the first function call, or all the functions would have to be pre-
loaded at the instant of compaudit (which is exactly what compinit is
attempting to *avoid* doing).

next prev parent reply	other threads:[~2015-09-28 21:17 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-09-28 11:28 Andrew Janke
2015-09-28 21:17 ` Bart Schaefer [this message]
2015-09-28 21:52   ` Andrew Janke
2015-09-29 17:59     ` Bart Schaefer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=150928141732.ZM15458@torch.brasslantern.com \
    --to=schaefer@brasslantern.com \
    --cc=zsh-workers@zsh.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).