Add allow_symlinks_before_srcdir config setting
can be used to avoid a security check that is a good safe default, but problimatic overkill in some situations. I decided to underdocument this, because the option looks ugly, and I don't want people randomly turning it on because it looks like a good idea. So if you need it, you'll get an error message mentioning how to fix it.master
parent
e630e7507e
commit
c2a2f71508
|
@ -245,11 +245,11 @@ sub prune ($) { #{{{
|
||||||
} #}}}
|
} #}}}
|
||||||
|
|
||||||
sub refresh () { #{{{
|
sub refresh () { #{{{
|
||||||
# security check, avoid following symlinks in the srcdir path
|
# security check, avoid following symlinks in the srcdir path by default
|
||||||
my $test=$config{srcdir};
|
my $test=$config{srcdir};
|
||||||
while (length $test) {
|
while (length $test) {
|
||||||
if (-l $test) {
|
if (-l $test && ! $config{allow_symlinks_before_srcdir}) {
|
||||||
error("symlink found in srcdir path ($test)");
|
error("symlink found in srcdir path ($test) -- set allow_symlinks_before_srcdir to allow this");
|
||||||
}
|
}
|
||||||
unless ($test=~s/\/+$//) {
|
unless ($test=~s/\/+$//) {
|
||||||
$test=dirname($test);
|
$test=dirname($test);
|
||||||
|
|
|
@ -8,6 +8,9 @@ ikiwiki (2.55) UNRELEASED; urgency=low
|
||||||
* Really fix bug with links to pages with names containing colons.
|
* Really fix bug with links to pages with names containing colons.
|
||||||
Previous fix mised a few cases.
|
Previous fix mised a few cases.
|
||||||
* Avoid troublesome abs_path calls in wrapper setup.
|
* Avoid troublesome abs_path calls in wrapper setup.
|
||||||
|
* Add allow_symlinks_before_srcdir config setting that can be used to avoid
|
||||||
|
a security check that is a good safe default, but problimatic overkill in
|
||||||
|
some situations.
|
||||||
|
|
||||||
-- Joey Hess <joeyh@debian.org> Mon, 21 Jul 2008 11:35:46 -0400
|
-- Joey Hess <joeyh@debian.org> Mon, 21 Jul 2008 11:35:46 -0400
|
||||||
|
|
||||||
|
|
|
@ -80,6 +80,8 @@ Is there a huge objection to this patch?
|
||||||
> the `srcdir`.
|
> the `srcdir`.
|
||||||
> --[[Joey]]
|
> --[[Joey]]
|
||||||
|
|
||||||
|
>> Slightly modified version of patch applied. --[[Joey]]
|
||||||
|
|
||||||
>> Ok, I'll try to get it cleaned up and documented.
|
>> Ok, I'll try to get it cleaned up and documented.
|
||||||
|
|
||||||
There is a second location where this can be an issue. That is in the
|
There is a second location where this can be an issue. That is in the
|
||||||
|
@ -133,3 +135,5 @@ like this being accepted before I bothered.
|
||||||
>>> Patch using rel2abs() works well - it no longer expands symlinks.
|
>>> Patch using rel2abs() works well - it no longer expands symlinks.
|
||||||
|
|
||||||
>>>> That patch is applied now. --[[Joey]]
|
>>>> That patch is applied now. --[[Joey]]
|
||||||
|
|
||||||
|
[[tag done]]
|
Loading…
Reference in New Issue