From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 2881 invoked from network); 23 Jun 2000 08:05:04 -0000 Received: from sunsite.auc.dk (130.225.51.30) by ns1.primenet.com.au with SMTP; 23 Jun 2000 08:05:04 -0000 Received: (qmail 16473 invoked by alias); 23 Jun 2000 08:04:53 -0000 Mailing-List: contact zsh-workers-help@sunsite.auc.dk; run by ezmlm Precedence: bulk X-No-Archive: yes X-Seq: 12043 Received: (qmail 16466 invoked from network); 23 Jun 2000 08:04:52 -0000 Date: Fri, 23 Jun 2000 10:04:49 +0200 (MET DST) Message-Id: <200006230804.KAA05838@beta.informatik.hu-berlin.de> From: Sven Wischnowsky To: zsh-workers@sunsite.auc.dk In-reply-to: "Bart Schaefer"'s message of Fri, 23 Jun 2000 07:52:10 +0000 Subject: Re: PATCH: Re: Permissions directories Bart Schaefer wrote: > On Jun 23, 9:09am, Sven Wischnowsky wrote: > } Subject: PATCH: Re: Permissions directories > } > } + # We search for: > } + # - world/group-writable directories in fpath not owned by root or the user > } + # - parent-directories of directories in fpath that are world/group-writable > } + # and not owned by root or the user > > I think you meant "... OR not owned by ..." rather than "and." That's a Germanism[1], should have known, that, though. > Of course it now occurs to me that the one remaining problem is that if > the directory or file containing the compinit function is writable, none > of this is going to make any difference. Indeed >;-> > I suppose at some point you just have to trust your installation. I'd be > tempted to suggest that compinit should be at least partially moved into > the C code in the computil module, but then we're not doing any ownership/ > writability tests on dynamically-loaded modules in the C code, either. I was tempted to do that for the loop(s) that read the #compdef tags (to make it faster). But even this (and the globbing even more) is so much more convenient to write in shell code... Bye Sven Index: Completion/Core/compinit =================================================================== RCS file: /cvsroot/zsh/zsh/Completion/Core/compinit,v retrieving revision 1.7 diff -u -r1.7 compinit --- Completion/Core/compinit 2000/06/23 07:10:41 1.7 +++ Completion/Core/compinit 2000/06/23 08:01:05 @@ -348,13 +348,13 @@ typeset _i_q # We search for: - # - world/group-writable directories in fpath not owned by root or the user + # - world/group-writable directories in fpath not owned by root and the user # - parent-directories of directories in fpath that are world/group-writable - # and not owned by root or the user (that would allow someone to put a + # and not owned by root and the user (that would allow someone to put a # digest file for one of the directories into the parent directory) - # - digest files for one of the directories in fpath not owned by root or + # - digest files for one of the directories in fpath not owned by root and # the user - # - and for files in directories from fpath not owned by root or the user + # - and for files in directories from fpath not owned by root and the user # (including zwc files) _i_wdirs=( ${^fpath}(Nf:g+w:,f:o+w:,^u0u${EUID}) -- Sven Wischnowsky wischnow@informatik.hu-berlin.de