From: Peter Stephenson <pws@csr.com>
To: "Zsh hackers list" <zsh-workers@sunsite.dk>
Subject: Re: Misleading/not-as-useful-as-it-could-be error message
Date: Fri, 28 Mar 2008 14:55:37 +0000 [thread overview]
Message-ID: <20080328145537.3e3e8ee6@news01> (raw)
In-Reply-To: <2d460de70803280544ub409dfn4dc454433b6ba271@mail.gmail.com>
On Fri, 28 Mar 2008 13:44:11 +0100
"Richard Hartmann" <richih.mailinglist@gmail.com> wrote:
> I just found out about a neat feature: When a completion function is
> writeable by non-root, zsh will complain about the fact.
>
> You get:
> Ignore insecure files and continue [ny]?
>
> I see two problems with this:
> 1) The user does not know it is zsh saying this, it could be anything,
> really.
> 2) The user is not told _what_ files are considered insecure and why.
>
> Adding a note on where & why the files were sourced/loaded would
> be an optional extra.
People have complained before (now in the dim distant past, I think even
before I became responsible for this by default) that this is a bit terse.
If you type 'n' it tells you to run compaudit to see what was wrong, but
(a) it's not very clear what 'n' means (b) you can run it if you type 'y',
too, which is still as safe since it ignores the files in question. The
reason for typing 'n' wouldn't be security, it would be the worry that you
haven't got a complete completion system, although if you fix the problem
you can run compinit again.
Index: Completion/compinit
===================================================================
RCS file: /cvsroot/zsh/zsh/Completion/compinit,v
retrieving revision 1.18
diff -u -r1.18 compinit
--- Completion/compinit 1 Nov 2007 10:56:39 -0000 1.18
+++ Completion/compinit 28 Mar 2008 14:48:46 -0000
@@ -417,8 +417,9 @@
if ! eval compaudit; then
if [[ -n "$_i_q" ]]; then
if [[ "$_i_fail" = ask ]]; then
- if ! read -q "?Ignore insecure $_i_q and continue [ny]? "; then
- print -u2 "run compaudit to see list of insecure $_i_q"
+ if ! read -q \
+"?zsh compinit: insecure $_i_q, run compaudit for list.
+Ignore insecure $_i_q and continue [y] or abort compinit [n]? "; then
print -u2 "$0: initialization aborted"
unfunction compinit compdef
unset _comp_dumpfile _comp_secure compprefuncs comppostfuncs \
--
Peter Stephenson <pws@csr.com> Software Engineer
CSR PLC, Churchill House, Cambridge Business Park, Cowley Road
Cambridge, CB4 0WZ, UK Tel: +44 (0)1223 692070
prev parent reply other threads:[~2008-03-28 14:57 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-28 12:44 Richard Hartmann
2008-03-28 14:55 ` Peter Stephenson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080328145537.3e3e8ee6@news01 \
--to=pws@csr.com \
--cc=zsh-workers@sunsite.dk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).