diff options
| author | Noam Postavsky | 2017-08-27 23:09:32 -0400 |
|---|---|---|
| committer | Noam Postavsky | 2017-09-30 20:01:33 -0400 |
| commit | 43fac3beae75a38cf758ec94039c0d7a4edc9399 (patch) | |
| tree | cd9a0eff377b3be4138c592e6fdc39bf37ad1793 | |
| parent | c59ddb212055609ec0c402708a2514ee6a30e836 (diff) | |
| download | emacs-43fac3beae75a38cf758ec94039c0d7a4edc9399.tar.gz emacs-43fac3beae75a38cf758ec94039c0d7a4edc9399.zip | |
Make "unsafe directory" error message more informative (Bug#865)
* lisp/server.el (server-ensure-safe-dir): Produce a description for
each "unsafe" condition.
| -rw-r--r-- | lisp/server.el | 47 |
1 files changed, 26 insertions, 21 deletions
diff --git a/lisp/server.el b/lisp/server.el index 8aafa1c2570..33800a98682 100644 --- a/lisp/server.el +++ b/lisp/server.el | |||
| @@ -525,30 +525,35 @@ Creates the directory if necessary and makes sure: | |||
| 525 | ;; Check that it's safe for use. | 525 | ;; Check that it's safe for use. |
| 526 | (let* ((uid (nth 2 attrs)) | 526 | (let* ((uid (nth 2 attrs)) |
| 527 | (w32 (eq system-type 'windows-nt)) | 527 | (w32 (eq system-type 'windows-nt)) |
| 528 | (safe (cond | 528 | (unsafe (cond |
| 529 | ((not (eq t (car attrs))) nil) ; is a dir? | 529 | ((not (eq t (car attrs))) |
| 530 | ((and w32 (zerop uid)) ; on FAT32? | 530 | (format "it is a %s" (if (stringp (car attrs)) |
| 531 | (display-warning | 531 | "symlink" "file"))) |
| 532 | 'server | 532 | ((and w32 (zerop uid)) ; on FAT32? |
| 533 | (format-message "\ | 533 | (display-warning |
| 534 | 'server | ||
| 535 | (format-message "\ | ||
| 534 | Using `%s' to store Emacs-server authentication files. | 536 | Using `%s' to store Emacs-server authentication files. |
| 535 | Directories on FAT32 filesystems are NOT secure against tampering. | 537 | Directories on FAT32 filesystems are NOT secure against tampering. |
| 536 | See variable `server-auth-dir' for details." | 538 | See variable `server-auth-dir' for details." |
| 537 | (file-name-as-directory dir)) | 539 | (file-name-as-directory dir)) |
| 538 | :warning) | 540 | :warning) |
| 539 | t) | 541 | nil) |
| 540 | ((and (/= uid (user-uid)) ; is the dir ours? | 542 | ((and (/= uid (user-uid)) ; is the dir ours? |
| 541 | (or (not w32) | 543 | (or (not w32) |
| 542 | ;; Files created on Windows by Administrator | 544 | ;; Files created on Windows by Administrator |
| 543 | ;; (RID=500) have the Administrators (RID=544) | 545 | ;; (RID=500) have the Administrators (RID=544) |
| 544 | ;; group recorded as the owner. | 546 | ;; group recorded as the owner. |
| 545 | (/= uid 544) (/= (user-uid) 500))) | 547 | (/= uid 544) (/= (user-uid) 500))) |
| 546 | nil) | 548 | (format "it is not owned by you (owner = %s (%d))" |
| 547 | (w32 t) ; on NTFS? | 549 | (user-full-name (user-uid)) (user-uid))) |
| 548 | (t ; else, check permissions | 550 | (w32 nil) ; on NTFS? |
| 549 | (zerop (logand ?\077 (file-modes dir))))))) | 551 | ((/= 0 (logand ?\077 (file-modes dir))) |
| 550 | (unless safe | 552 | (format "it is accessible by others (%03o)" |
| 551 | (error "The directory `%s' is unsafe" dir))))) | 553 | (file-modes dir))) |
| 554 | (t nil)))) | ||
| 555 | (when unsafe | ||
| 556 | (error "`%s' is not a safe directory because %s" dir unsafe))))) | ||
| 552 | 557 | ||
| 553 | (defun server-generate-key () | 558 | (defun server-generate-key () |
| 554 | "Generate and return a random authentication key. | 559 | "Generate and return a random authentication key. |