Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

compaudit

X-seq: zsh-workers 30743
From: Peter Stephenson <p.w.stephenson@xxxxxxxxxxxx>
To: zsh workers <zsh-workers@xxxxxxx>
Subject: compaudit
Date: Tue, 23 Oct 2012 17:21:20 +0100
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm

Just while it's in my mind...

  zsh compinit: insecure directories and files, run compaudit for list.
  Ignore insecure directories and files and continue [y] or abort compinit [n]?

It occurs to me this is too draconian in the case where the files are
owned by the same user who owns the zsh binary.  At worst we should
report 'zsh installed by unprivileged user x, OK to continue with
compinit?' rather than either ignore all the files or abort completely.
Either you trust the user who installed the shell or you don't.

pws

Messages sorted by: Reverse Date, Date, Thread, Author