##// END OF EJS Templates
dispatch: protect against malicious 'hg serve --stdio' invocations (sec)...
dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected. We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'. The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it. mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.

File last commit:

r8449:807f3f5c default
r32050:77eaf953 4.1.3 stable
Show More
test-ui-verbosity.py.out
66 lines | 4.2 KiB | text/plain | TextLexer
/ tests / test-ui-verbosity.py.out
Martin Geisler
tests: renamed Python tests to .py
r8449 hgrc settings command line options final result
quiet verbo debug quiet verbo debug quiet verbo debug
0 False False False False False False -> False False False
1 True False False False False False -> True False False
2 False True False False False False -> False True False
3 True True False False False False -> False False False
4 False False True False False False -> False True True
5 True False True False False False -> False True True
6 False True True False False False -> False True True
7 True True True False False False -> False True True
8 False False False True False False -> True False False
9 True False False True False False -> True False False
10 False True False True False False -> True False False
11 True True False True False False -> True False False
12 False False True True False False -> True False False
13 True False True True False False -> True False False
14 False True True True False False -> True False False
15 True True True True False False -> True False False
16 False False False False True False -> False True False
17 True False False False True False -> False True False
18 False True False False True False -> False True False
19 True True False False True False -> False True False
20 False False True False True False -> False True False
21 True False True False True False -> False True False
22 False True True False True False -> False True False
23 True True True False True False -> False True False
24 False False False True True False -> False False False
25 True False False True True False -> False False False
26 False True False True True False -> False False False
27 True True False True True False -> False False False
28 False False True True True False -> False False False
29 True False True True True False -> False False False
30 False True True True True False -> False False False
31 True True True True True False -> False False False
32 False False False False False True -> False True True
33 True False False False False True -> False True True
34 False True False False False True -> False True True
35 True True False False False True -> False True True
36 False False True False False True -> False True True
37 True False True False False True -> False True True
38 False True True False False True -> False True True
39 True True True False False True -> False True True
40 False False False True False True -> False True True
41 True False False True False True -> False True True
42 False True False True False True -> False True True
43 True True False True False True -> False True True
44 False False True True False True -> False True True
45 True False True True False True -> False True True
46 False True True True False True -> False True True
47 True True True True False True -> False True True
48 False False False False True True -> False True True
49 True False False False True True -> False True True
50 False True False False True True -> False True True
51 True True False False True True -> False True True
52 False False True False True True -> False True True
53 True False True False True True -> False True True
54 False True True False True True -> False True True
55 True True True False True True -> False True True
56 False False False True True True -> False True True
57 True False False True True True -> False True True
58 False True False True True True -> False True True
59 True True False True True True -> False True True
60 False False True True True True -> False True True
61 True False True True True True -> False True True
62 False True True True True True -> False True True
63 True True True True True True -> False True True