[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] emacs-26 43fac3b 1/2: Make "unsafe directory" error messag
From: |
Noam Postavsky |
Subject: |
[Emacs-diffs] emacs-26 43fac3b 1/2: Make "unsafe directory" error message more informative (Bug#865) |
Date: |
Sat, 30 Sep 2017 20:11:49 -0400 (EDT) |
branch: emacs-26
commit 43fac3beae75a38cf758ec94039c0d7a4edc9399
Author: Noam Postavsky <address@hidden>
Commit: Noam Postavsky <address@hidden>
Make "unsafe directory" error message more informative (Bug#865)
* lisp/server.el (server-ensure-safe-dir): Produce a description for
each "unsafe" condition.
---
lisp/server.el | 47 ++++++++++++++++++++++++++---------------------
1 file changed, 26 insertions(+), 21 deletions(-)
diff --git a/lisp/server.el b/lisp/server.el
index 8aafa1c..33800a9 100644
--- a/lisp/server.el
+++ b/lisp/server.el
@@ -525,30 +525,35 @@ Creates the directory if necessary and makes sure:
;; Check that it's safe for use.
(let* ((uid (nth 2 attrs))
(w32 (eq system-type 'windows-nt))
- (safe (cond
- ((not (eq t (car attrs))) nil) ; is a dir?
- ((and w32 (zerop uid)) ; on FAT32?
- (display-warning
- 'server
- (format-message "\
+ (unsafe (cond
+ ((not (eq t (car attrs)))
+ (format "it is a %s" (if (stringp (car attrs))
+ "symlink" "file")))
+ ((and w32 (zerop uid)) ; on FAT32?
+ (display-warning
+ 'server
+ (format-message "\
Using `%s' to store Emacs-server authentication files.
Directories on FAT32 filesystems are NOT secure against tampering.
See variable `server-auth-dir' for details."
- (file-name-as-directory dir))
- :warning)
- t)
- ((and (/= uid (user-uid)) ; is the dir ours?
- (or (not w32)
- ;; Files created on Windows by Administrator
- ;; (RID=500) have the Administrators (RID=544)
- ;; group recorded as the owner.
- (/= uid 544) (/= (user-uid) 500)))
- nil)
- (w32 t) ; on NTFS?
- (t ; else, check permissions
- (zerop (logand ?\077 (file-modes dir)))))))
- (unless safe
- (error "The directory `%s' is unsafe" dir)))))
+ (file-name-as-directory dir))
+ :warning)
+ nil)
+ ((and (/= uid (user-uid)) ; is the dir ours?
+ (or (not w32)
+ ;; Files created on Windows by Administrator
+ ;; (RID=500) have the Administrators (RID=544)
+ ;; group recorded as the owner.
+ (/= uid 544) (/= (user-uid) 500)))
+ (format "it is not owned by you (owner = %s (%d))"
+ (user-full-name (user-uid)) (user-uid)))
+ (w32 nil) ; on NTFS?
+ ((/= 0 (logand ?\077 (file-modes dir)))
+ (format "it is accessible by others (%03o)"
+ (file-modes dir)))
+ (t nil))))
+ (when unsafe
+ (error "`%s' is not a safe directory because %s" dir unsafe)))))
(defun server-generate-key ()
"Generate and return a random authentication key.