[Emacs-diffs] emacs-26 43fac3b 1/2: Make "unsafe directory" error message more informative (Bug#865)

[Noam Postavsky]

branch: emacs-26
commit 43fac3beae75a38cf758ec94039c0d7a4edc9399
Author: Noam Postavsky <address@hidden>
Commit: Noam Postavsky <address@hidden>

    Make "unsafe directory" error message more informative (Bug#865)
    
    * lisp/server.el (server-ensure-safe-dir): Produce a description for
    each "unsafe" condition.
---
 lisp/server.el | 47 ++++++++++++++++++++++++++---------------------
 1 file changed, 26 insertions(+), 21 deletions(-)

diff --git a/lisp/server.el b/lisp/server.el
index 8aafa1c..33800a9 100644
--- a/lisp/server.el
+++ b/lisp/server.el
@@ -525,30 +525,35 @@ Creates the directory if necessary and makes sure:
     ;; Check that it's safe for use.
     (let* ((uid (nth 2 attrs))
           (w32 (eq system-type 'windows-nt))
-          (safe (cond
-                 ((not (eq t (car attrs))) nil)  ; is a dir?
-                 ((and w32 (zerop uid))          ; on FAT32?
-                  (display-warning
-                   'server
-                   (format-message "\
+           (unsafe (cond
+                    ((not (eq t (car attrs)))
+                     (format "it is a %s" (if (stringp (car attrs))
+                                              "symlink" "file")))
+                    ((and w32 (zerop uid)) ; on FAT32?
+                     (display-warning
+                      'server
+                      (format-message "\
 Using `%s' to store Emacs-server authentication files.
 Directories on FAT32 filesystems are NOT secure against tampering.
 See variable `server-auth-dir' for details."
-                           (file-name-as-directory dir))
-                   :warning)
-                  t)
-                 ((and (/= uid (user-uid))       ; is the dir ours?
-                       (or (not w32)
-                           ;; Files created on Windows by Administrator
-                           ;; (RID=500) have the Administrators (RID=544)
-                           ;; group recorded as the owner.
-                           (/= uid 544) (/= (user-uid) 500)))
-                  nil)
-                 (w32 t)                         ; on NTFS?
-                 (t                              ; else, check permissions
-                  (zerop (logand ?\077 (file-modes dir)))))))
-      (unless safe
-       (error "The directory `%s' is unsafe" dir)))))
+                                      (file-name-as-directory dir))
+                      :warning)
+                     nil)
+                    ((and (/= uid (user-uid)) ; is the dir ours?
+                          (or (not w32)
+                              ;; Files created on Windows by Administrator
+                              ;; (RID=500) have the Administrators (RID=544)
+                              ;; group recorded as the owner.
+                              (/= uid 544) (/= (user-uid) 500)))
+                     (format "it is not owned by you (owner = %s (%d))"
+                             (user-full-name (user-uid)) (user-uid)))
+                    (w32 nil)           ; on NTFS?
+                    ((/= 0 (logand ?\077 (file-modes dir)))
+                     (format "it is accessible by others (%03o)"
+                             (file-modes dir)))
+                    (t nil))))
+      (when unsafe
+        (error "`%s' is not a safe directory because %s" dir unsafe)))))
 
 (defun server-generate-key ()
   "Generate and return a random authentication key.