diff options
author | Bart Schaefer <barts@users.sourceforge.net> | 2000-07-26 08:54:58 +0000 |
---|---|---|
committer | Bart Schaefer <barts@users.sourceforge.net> | 2000-07-26 08:54:58 +0000 |
commit | 04aaf1cd7f9fb791a3f305c2d8f6e7f995b1db6a (patch) | |
tree | fca671c0afddd4aa0bc7d1f4914570b3fe0760ee /Completion/Core/compinit | |
parent | e7f910471143cfa56cc902e41c759ae91326f909 (diff) | |
download | zsh-04aaf1cd7f9fb791a3f305c2d8f6e7f995b1db6a.tar.gz zsh-04aaf1cd7f9fb791a3f305c2d8f6e7f995b1db6a.tar.xz zsh-04aaf1cd7f9fb791a3f305c2d8f6e7f995b1db6a.zip |
Move compinit security checks into compaudit.
Diffstat (limited to 'Completion/Core/compinit')
-rw-r--r-- | Completion/Core/compinit | 74 |
1 files changed, 19 insertions, 55 deletions
diff --git a/Completion/Core/compinit b/Completion/Core/compinit index 61128af01..de11c8f8c 100644 --- a/Completion/Core/compinit +++ b/Completion/Core/compinit @@ -1,10 +1,11 @@ # Initialisation for new style completion. This mainly contains some helper # functions and aliases. Everything else is split into different files that -# will automatically be made autoloaded (see the end of this file). -# The names of the files that will be considered for autoloading have to -# start with an underscores (like `_setopt'). -# The first line of these files will be read and has to say what should be -# done with its contents: +# will automatically be made autoloaded (see the end of this file). The +# names of the files that will be considered for autoloading are those that +# begin with an underscores (like `_setopt'). +# +# The first line of each of these files is read and must indicate what +# should be done with its contents: # # `#compdef <names ...>' # If the first line looks like this, the file is autoloaded as a @@ -57,6 +58,13 @@ # the end). This takes the dumpfile as an argument. -d (with the # default dumpfile) is now the default; to turn off dumping use -D. +# The -C flag bypasses both the check for rebuilding the dump file and the +# usual call to compaudit; the -i flag causes insecure directories found by +# compaudit to be ignored, and the -u flag causes all directories found by +# compaudit to be used (without security checking). Otherwise the user is +# queried for whether to use or ignore the insecure directories (which +# means compinit should not be called from non-interactive shells). + emulate -L zsh setopt extendedglob @@ -321,57 +329,13 @@ typeset _i_wdirs _i_wfiles _i_wdirs=() _i_wfiles=() +autoload -U compaudit if [[ -n "$_i_check" ]]; then - _i_files=( ${^~fpath:/.}/^([^_]*|*~|*.zwc)(N) ) - if [[ $#_i_files -lt 20 || $_compdir = */Core || -d $_compdir/Core ]]; then - # Too few files: we need some more directories, - # or we need to check that all directories (not just Core) are present. - if [[ -n $_compdir ]]; then - _i_addfiles=() - if [[ $_compdir = */Core ]]; then - # Add all the Completion subdirectories - _i_addfiles=(${_compdir:h}/*(/)) - elif [[ -d $_compdir/Core ]]; then - # Likewise - _i_addfiles=(${_compdir}/*(/)) - fi - for _i_line in {1..$#i_addfiles}; do - _i_file=${_i_addfiles[$_i_line]} - [[ -d $_i_file && -z ${fpath[(r)$_i_file]} ]] || - _i_addfiles[$_i_line]= - done - fpath=($fpath $_i_addfiles) - _i_files=( ${^~fpath:/.}/^([^_]*|*~|*.zwc)(N) ) - fi - fi - if [[ "$_i_fail" != use ]]; then - typeset _i_q - - # We search for: - # - world/group-writable directories in fpath not owned by root and the user - # - parent-directories of directories in fpath that are world/group-writable - # and not owned by root and the user (that would allow someone to put a - # digest file for one of the directories into the parent directory) - # - digest files for one of the directories in fpath not owned by root and - # the user - # - and for files in directories from fpath not owned by root and the user - # (including zwc files) - - _i_wdirs=( ${^fpath}(Nf:g+w:,f:o+w:,^u0u${EUID}) - ${^fpath}/..(Nf:g+w:,f:o+w:,^u0u${EUID}) - ${^fpath}.zwc^([^_]*|*~)(N^u0u${EUID}) ) - _i_wfiles=( ${^fpath}/^([^_]*|*~)(N^u0u${EUID}) ) - - case "${#_i_wdirs}:${#_i_wfiles}" in - 0:0) _i_q= ;; - 0:*) _i_q=files ;; - *:0) _i_q=directories ;; - *:*) _i_q='directories and files' ;; - esac - + typeset _i_q + if ! eval compaudit; then if [[ -n "$_i_q" ]]; then if [[ "$_i_fail" = ask ]]; then - if ! read -q "?There are insecure $_i_q, continue [ny]? "; then + if ! read -q "?There are insecure $_i_q, use them anyway [ny]? "; then unfunction compinit compdef unset _comp_dumpfile _comp_secure compprefuncs comppostfuncs \ _comps _patcomps _postpatcomps _compautos _lastcomp @@ -461,7 +425,7 @@ if [[ ${_i_line[2]} = expand-or-complete ]] && bindkey '^i' complete-word fi -unfunction compinit -autoload -U compinit +unfunction compinit compaudit +autoload -U compinit compaudit return 0 |