45 lines
1.8 KiB
Bash
45 lines
1.8 KiB
Bash
# Handle completions insecurities (i.e., completion-dependent directories with
|
|
# insecure ownership or permissions) by:
|
|
#
|
|
# * Human-readably notifying the user of these insecurities.
|
|
function handle_completion_insecurities() {
|
|
# List of the absolute paths of all unique insecure directories, split on
|
|
# newline from compaudit()'s output resembling:
|
|
#
|
|
# There are insecure directories:
|
|
# /usr/share/zsh/site-functions
|
|
# /usr/share/zsh/5.0.6/functions
|
|
# /usr/share/zsh
|
|
# /usr/share/zsh/5.0.6
|
|
#
|
|
# Since the ignorable first line is printed to stderr and thus not captured,
|
|
# stderr is squelched to prevent this output from leaking to the user.
|
|
local -aU insecure_dirs
|
|
insecure_dirs=( ${(f@):-"$(compaudit 2>/dev/null)"} )
|
|
|
|
# If no such directories exist, get us out of here.
|
|
(( ! ${#insecure_dirs} )) && return
|
|
|
|
# List ownership and permissions of all insecure directories.
|
|
print "[oh-my-zsh] Insecure completion-dependent directories detected:"
|
|
ls -ld "${(@)insecure_dirs}"
|
|
|
|
cat <<EOD
|
|
|
|
[oh-my-zsh] For safety, we will not load completions from these directories until
|
|
[oh-my-zsh] you fix their permissions and ownership and restart zsh.
|
|
[oh-my-zsh] See the above list for directories with group or other writability.
|
|
|
|
[oh-my-zsh] To fix your permissions you can do so by disabling
|
|
[oh-my-zsh] the write permission of "group" and "others" and making sure that the
|
|
[oh-my-zsh] owner of these directories is either root or your current user.
|
|
[oh-my-zsh] The following command may help:
|
|
[oh-my-zsh] compaudit | xargs chmod g-w,o-w
|
|
|
|
[oh-my-zsh] If the above didn't help or you want to skip the verification of
|
|
[oh-my-zsh] insecure directories you can set the variable ZSH_DISABLE_COMPFIX to
|
|
[oh-my-zsh] "true" before oh-my-zsh is sourced in your zshrc file.
|
|
|
|
EOD
|
|
}
|