* Re: PATCH: Re: Permissions directories
@ 2000-06-23 8:04 Sven Wischnowsky
0 siblings, 0 replies; 3+ messages in thread
From: Sven Wischnowsky @ 2000-06-23 8:04 UTC (permalink / raw)
To: zsh-workers
Bart Schaefer wrote:
> On Jun 23, 9:09am, Sven Wischnowsky wrote:
> } Subject: PATCH: Re: Permissions directories
> }
> } + # We search for:
> } + # - world/group-writable directories in fpath not owned by root or the user
> } + # - parent-directories of directories in fpath that are world/group-writable
> } + # and not owned by root or the user
>
> I think you meant "... OR not owned by ..." rather than "and."
That's a Germanism[1], should have known, that, though.
> Of course it now occurs to me that the one remaining problem is that if
> the directory or file containing the compinit function is writable, none
> of this is going to make any difference.
Indeed >;->
> I suppose at some point you just have to trust your installation. I'd be
> tempted to suggest that compinit should be at least partially moved into
> the C code in the computil module, but then we're not doing any ownership/
> writability tests on dynamically-loaded modules in the C code, either.
I was tempted to do that for the loop(s) that read the #compdef
tags (to make it faster). But even this (and the globbing even more)
is so much more convenient to write in shell code...
Bye
Sven
Index: Completion/Core/compinit
===================================================================
RCS file: /cvsroot/zsh/zsh/Completion/Core/compinit,v
retrieving revision 1.7
diff -u -r1.7 compinit
--- Completion/Core/compinit 2000/06/23 07:10:41 1.7
+++ Completion/Core/compinit 2000/06/23 08:01:05
@@ -348,13 +348,13 @@
typeset _i_q
# We search for:
- # - world/group-writable directories in fpath not owned by root or the user
+ # - world/group-writable directories in fpath not owned by root and the user
# - parent-directories of directories in fpath that are world/group-writable
- # and not owned by root or the user (that would allow someone to put a
+ # and not owned by root and the user (that would allow someone to put a
# digest file for one of the directories into the parent directory)
- # - digest files for one of the directories in fpath not owned by root or
+ # - digest files for one of the directories in fpath not owned by root and
# the user
- # - and for files in directories from fpath not owned by root or the user
+ # - and for files in directories from fpath not owned by root and the user
# (including zwc files)
_i_wdirs=( ${^fpath}(Nf:g+w:,f:o+w:,^u0u${EUID})
--
Sven Wischnowsky wischnow@informatik.hu-berlin.de
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: PATCH: Re: Permissions directories
2000-06-23 7:09 Sven Wischnowsky
@ 2000-06-23 7:52 ` Bart Schaefer
0 siblings, 0 replies; 3+ messages in thread
From: Bart Schaefer @ 2000-06-23 7:52 UTC (permalink / raw)
To: zsh-workers
On Jun 23, 9:09am, Sven Wischnowsky wrote:
} Subject: PATCH: Re: Permissions directories
}
} + # We search for:
} + # - world/group-writable directories in fpath not owned by root or the user
} + # - parent-directories of directories in fpath that are world/group-writable
} + # and not owned by root or the user
I think you meant "... OR not owned by ..." rather than "and."
Of course it now occurs to me that the one remaining problem is that if
the directory or file containing the compinit function is writable, none
of this is going to make any difference.
I suppose at some point you just have to trust your installation. I'd be
tempted to suggest that compinit should be at least partially moved into
the C code in the computil module, but then we're not doing any ownership/
writability tests on dynamically-loaded modules in the C code, either.
--
Bart Schaefer Brass Lantern Enterprises
http://www.well.com/user/barts http://www.brasslantern.com
Zsh: http://www.zsh.org | PHPerl Project: http://phperl.sourceforge.net
^ permalink raw reply [flat|nested] 3+ messages in thread
* PATCH: Re: Permissions directories
@ 2000-06-23 7:09 Sven Wischnowsky
2000-06-23 7:52 ` Bart Schaefer
0 siblings, 1 reply; 3+ messages in thread
From: Sven Wischnowsky @ 2000-06-23 7:09 UTC (permalink / raw)
To: zsh-workers
Bart Schaefer wrote:
> On Jun 22, 1:07pm, Sven Wischnowsky wrote:
> } Subject: Re: Permissions directories
> }
> } Bart Schaefer wrote:
> }
> } > I think it's got the test wrong for
> } > the .zwc files, though -- e.g. if the parent of a directory in $fpath
> } > is writable, I believe under the current tests I could still create a
> } > trojan .zwc file there
> }
> } Digest files are not used automatically, they have to be named in
> } $fpath.
>
> Oh, so the documentation under "Autoloaded Functions" is wrong?
Oh, no... I was wrong (obviously this was changed some time...).
> ...
>
> } Or should we give that as a choice at the prompt (don't use/use/ignore)?
>
> It wouldn't hurt, but it's not as important. However, I think you have
> the prompt wrong ... isn't the default answer usually the first one? You
> have "... continue [yn]?" but if I just hit return that's taken as n, not
> y, so it should be "... continue [ny]?". I was about to append a patch,
> but then I became indecisive as to the default *should* be, particularly
> if we allow three choices.
The patch only changes the prompt. compinit just uses `read -q' and
the default behaviour comes from there.
Bye
Sven
Index: Completion/Core/compinit
===================================================================
RCS file: /cvsroot/zsh/zsh/Completion/Core/compinit,v
retrieving revision 1.6
diff -u -r1.6 compinit
--- Completion/Core/compinit 2000/06/22 11:09:18 1.6
+++ Completion/Core/compinit 2000/06/23 07:09:14
@@ -347,9 +347,21 @@
if [[ "$_i_fail" != use ]]; then
typeset _i_q
- _i_wdirs=( ${^fpath}(Nf:g+w:,f:o+w:,^u0u${EUID}) )
- _i_wfiles=( ${^~fpath:/.}/^([^_]*|*~)(N^u0u${EUID}) )
+ # We search for:
+ # - world/group-writable directories in fpath not owned by root or the user
+ # - parent-directories of directories in fpath that are world/group-writable
+ # and not owned by root or the user (that would allow someone to put a
+ # digest file for one of the directories into the parent directory)
+ # - digest files for one of the directories in fpath not owned by root or
+ # the user
+ # - and for files in directories from fpath not owned by root or the user
+ # (including zwc files)
+ _i_wdirs=( ${^fpath}(Nf:g+w:,f:o+w:,^u0u${EUID})
+ ${^fpath}/..(Nf:g+w:,f:o+w:,^u0u${EUID})
+ ${^fpath}.zwc^([^_]*|*~)(N^u0u${EUID}) )
+ _i_wfiles=( ${^fpath}/^([^_]*|*~)(N^u0u${EUID}) )
+
case "${#_i_wdirs}:${#_i_wfiles}" in
0:0) _i_q= ;;
0:*) _i_q=files ;;
@@ -359,7 +371,7 @@
if [[ -n "$_i_q" ]]; then
if [[ "$_i_fail" = ask ]]; then
- if ! read -q "?There are insecure $_i_q, continue [yn]? "; then
+ if ! read -q "?There are insecure $_i_q, continue [ny]? "; then
unfunction compinit compdef
unset _comp_dumpfile _comp_secure compprefuncs comppostfuncs \
_comps _patcomps _postpatcomps _compautos _lastcomp
@@ -369,8 +381,8 @@
_i_wfiles=()
_i_wdirs=()
else
- (( $#_i_wfiles )) && _i_files=( "${(@)_i_files:#(${(j:|:)_i_wfiles})}" )
- (( $#_i_wdirs )) && _i_files=( "${(@)_i_files:#(${(j:|:)_i_wdirs})/*}" )
+ (( $#_i_wfiles )) && _i_files=( "${(@)_i_files:#(${(j:|:)_i_wfiles%.zwc})}" )
+ (( $#_i_wdirs )) && _i_files=( "${(@)_i_files:#(${(j:|:)_i_wdirs%.zwc})/*}" )
fi
fi
_comp_secure=yes
--
Sven Wischnowsky wischnow@informatik.hu-berlin.de
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2000-06-23 8:05 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2000-06-23 8:04 PATCH: Re: Permissions directories Sven Wischnowsky
-- strict thread matches above, loose matches on Subject: below --
2000-06-23 7:09 Sven Wischnowsky
2000-06-23 7:52 ` Bart Schaefer
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).