Show More
| @@ -37,6 +37,7 b' class ui(object):' | |||
|
|
37 | 37 | self.overlay = util.configparser() |
|
|
38 | 38 | self.cdata = util.configparser() |
|
|
39 | 39 | self.ucdata = util.configparser() |
|
|
40 | ||
|
|
40 | 41 | # we always trust global config files |
|
|
41 | 42 | self.readconfig(util.rcpath(), assumetrusted=True) |
|
|
42 | 43 | else: |
| @@ -63,26 +64,25 b' class ui(object):' | |||
|
|
63 | 64 | ui._isatty = False |
|
|
64 | 65 | return ui._isatty |
|
|
65 | 66 | |
|
|
66 |
def _is_trusted(self, fp, f |
|
|
|
67 | def _is_trusted(self, fp, f): | |
|
|
67 | 68 | st = util.fstat(fp) |
|
|
68 | 69 | if util.isowner(fp, st): |
|
|
69 | 70 | return True |
|
|
71 | ||
|
|
70 | 72 | tusers = self.trusted_users |
|
|
71 | 73 | tgroups = self.trusted_groups |
|
|
72 |
if n |
|
|
|
73 | user = util.username() | |
|
|
74 | if user is not None: | |
|
|
75 | self.trusted_users[user] = 1 | |
|
|
76 | self.fixconfig(section='trusted') | |
|
|
77 | if (tusers or tgroups) and '*' not in tusers and '*' not in tgroups: | |
|
|
78 | user = util.username(st.st_uid) | |
|
|
79 | group = util.groupname(st.st_gid) | |
|
|
80 | if user not in tusers and group not in tgroups: | |
|
|
81 | if warn and self.report_untrusted: | |
|
|
82 | self.warn(_('Not trusting file %s from untrusted ' | |
|
|
83 | 'user %s, group %s\n') % (f, user, group)) | |
|
|
84 | return False | |
|
|
85 | return True | |
|
|
74 | if '*' in tusers or '*' in tgroups: | |
|
|
75 | return True | |
|
|
76 | ||
|
|
77 | user = util.username(st.st_uid) | |
|
|
78 | group = util.groupname(st.st_gid) | |
|
|
79 | if user in tusers or group in tgroups or user == util.username(): | |
|
|
80 | return True | |
|
|
81 | ||
|
|
82 | if self.report_untrusted: | |
|
|
83 | self.warn(_('Not trusting file %s from untrusted ' | |
|
|
84 | 'user %s, group %s\n') % (f, user, group)) | |
|
|
85 | return False | |
|
|
86 | 86 | |
|
|
87 | 87 | def readconfig(self, fn, root=None, assumetrusted=False): |
|
|
88 | 88 | cdata = util.configparser() |
| @@ -175,7 +175,7 b' class ui(object):' | |||
|
|
175 | 175 | self.traceback = self.configbool('ui', 'traceback', False) |
|
|
176 | 176 | |
|
|
177 | 177 | # update trust information |
|
|
178 |
if |
|
|
|
178 | if section is None or section == 'trusted': | |
|
|
179 | 179 | for user in self.configlist('trusted', 'users'): |
|
|
180 | 180 | self.trusted_users[user] = 1 |
|
|
181 | 181 | for group in self.configlist('trusted', 'groups'): |
| @@ -143,10 +143,9 b' untrusted' | |||
|
|
143 | 143 | |
|
|
144 | 144 | # Can't figure out the name of the user running this process |
|
|
145 | 145 | # different user, different group |
|
|
146 | Not trusting file .hg/hgrc from untrusted user abc, group def | |
|
|
146 | 147 | trusted |
|
|
147 | 148 | global = /some/path |
|
|
148 | interpolated = /some/path/another/path | |
|
|
149 | local = /another/path | |
|
|
150 | 149 | untrusted |
|
|
151 | 150 | . . global = /some/path |
|
|
152 | 151 | . . interpolated = /some/path/another/path |
General Comments 0
You need to be logged in to leave comments.
Login now