# HG changeset patch
# User Jun Wu <quark@fb.com>
# Date 2016-03-04 13:18:02
# Node ID bd05d38a1002e46c34ff82d9614ae6ae4adab8fe
# Parent  8286f551b7ee485a11b75ee0efd6d85c303667c2

chgserver: use basename for socket symlink

Previously we use full path and the symlink may point to outside (unsafe)
world if the directory is moved. This patch fixes it by only linking to
basename of the target. Therefore the symbolic link and socket files will
always stay in the same directory.

diff --git a/hgext/chgserver.py b/hgext/chgserver.py
--- a/hgext/chgserver.py
+++ b/hgext/chgserver.py
@@ -613,7 +613,7 @@ class chgunixservice(commandserver.unixs
         if self.baseaddress == self.address:
             return
         tempaddress = _tempaddress(self.baseaddress)
-        os.symlink(self.address, tempaddress)
+        os.symlink(os.path.basename(self.address), tempaddress)
         util.rename(tempaddress, self.baseaddress)
 
     def _reloadconfig(self, signum, frame):