| 1 |
On 10/27/2014 06:15 AM, Michael Palimaka wrote: |
| 2 |
> On 27/10/14 07:05, Zac Medico wrote: |
| 3 |
>> On 10/26/2014 12:31 PM, Michael Palimaka wrote: |
| 4 |
>>> I've sent updated patches based on the last feedback. Should I send a |
| 5 |
>>> new one with the aliases, and if so, should the portage checks use the |
| 6 |
>>> alias or real function? |
| 7 |
>> |
| 8 |
>> Considering Micha³'s plan to expose these functions to QA checks in |
| 9 |
>> repositories, it would make sense to go ahead and add expose the aliases |
| 10 |
>> in misc-functions.sh now. On the other hand, it makes sense to use the |
| 11 |
>> prefixed versions in all internal portage code, for consistency. So, I'd |
| 12 |
>> probably just wait until later to add the unprefixed versions. I don't |
| 13 |
>> have a strong opinion though. The new patch set that you posted looks |
| 14 |
>> good to me. |
| 15 |
> |
| 16 |
> That's fine, we can just add the alias when Micha³'s GLEP is finalised then. |
| 17 |
|
| 18 |
I've pushed your patches: |
| 19 |
|
| 20 |
https://github.com/gentoo/portage/commit/ab43c1944f0cb6bf43d5b40cceb2e8186645d347 |
| 21 |
https://github.com/gentoo/portage/commit/5c54f2b18112b779d5dcba30837b34aac74739e9 |
| 22 |
https://github.com/gentoo/portage/commit/01e148aac631a0d1c78968dea96ebd9ed94e5918 |
| 23 |
|
| 24 |
In the first patch, I wrapped lines inside __eqalog. |
| 25 |
|
| 26 |
In the last patch, I did some trivial fixups for quoting and globbing: |
| 27 |
|
| 28 |
diff --git a/bin/install-qa-check.d/90world-writable b/bin/install-qa-check.d/90world-writable |
| 29 |
index 4d5f4ab..490aaee 100644 |
| 30 |
--- a/bin/install-qa-check.d/90world-writable |
| 31 |
+++ b/bin/install-qa-check.d/90world-writable |
| 32 |
@@ -3,16 +3,17 @@ |
| 33 |
world_writable_check() { |
| 34 |
# Now we look for all world writable files. |
| 35 |
local unsafe_files=$(find "${ED}" -type f -perm -2 | sed -e "s:^${ED}:/:") |
| 36 |
- local OLDIFS x |
| 37 |
+ local OLDIFS x prev_shopts=$- |
| 38 |
|
| 39 |
OLDIFS=$IFS |
| 40 |
IFS=$'\n' |
| 41 |
+ set -f |
| 42 |
|
| 43 |
if [[ -n ${unsafe_files} ]] ; then |
| 44 |
eqawarn "QA Security Notice: world writable file(s):" |
| 45 |
|
| 46 |
for x in $unsafe_files ; do |
| 47 |
- __eqawarnlog world-writable $x |
| 48 |
+ __eqawarnlog world-writable "$x" |
| 49 |
done |
| 50 |
|
| 51 |
eqawarn "This may or may not be a security problem, most of the time it is one." |
| 52 |
@@ -25,12 +26,13 @@ world_writable_check() { |
| 53 |
eqawarn "QA Notice: Unsafe files detected (set*id and world writable)" |
| 54 |
|
| 55 |
for x in $unsafe_files ; do |
| 56 |
- __eqawarnlog world-writable-setid $x |
| 57 |
+ __eqawarnlog world-writable-setid "$x" |
| 58 |
done |
| 59 |
die "Unsafe files found in \${D}. Portage will not install them." |
| 60 |
fi |
| 61 |
|
| 62 |
IFS=OLDIFS |
| 63 |
+ [[ ${prev_shopts} == *f* ]] || set +f |
| 64 |
} |
| 65 |
|
| 66 |
world_writable_check |
| 67 |
|
| 68 |
-- |
| 69 |
Thanks, |
| 70 |
Zac |
Archives