1
1

2010-06-20 Chris Allegretta <chrisa@asty.org>

* New option allow_insecure_backup, allows the previous security
          fixes for backup files to be overridden if you're really positive
          you want to.  Fixes Savannah bug 29732 by Brian Szymanski <skibrianski>.



git-svn-id: svn://svn.savannah.gnu.org/nano/trunk/nano@4508 35c25a1d-7b9e-4130-9fde-d3aeb78583b8
Этот коммит содержится в:
Chris Allegretta 2010-06-21 03:10:10 +00:00
родитель 86be3af75f
Коммит 0acca27ac7
6 изменённых файлов: 16 добавлений и 3 удалений

Просмотреть файл

@ -1,3 +1,8 @@
2010-06-20 Chris Allegretta <chrisa@asty.org>
* New rc file option allow_insecure_backup, allows the previous security
fixes for backup files to be overridden if you're really positive
you want to. Fixes Savannah bug 29732 by Brian Szymanski <skibrianski>.
2010-05-23 Chris Allegretta <chrisa@asty.org>
* files.c (write_file): Don't even try to chown() the backup
file unless we're root, since it's probably going to fail if

Просмотреть файл

@ -57,6 +57,11 @@ match \fI"\fP, \fI'\fP, \fI)\fP, \fI>\fP, \fI]\fP, and \fI}\fP.
The supported commands and arguments are:
.TP 3
.B set/unset allow_insecure_backup
When backing up files, allow the backup to succeed even if its permissions
can't be (re)set due to special OS considerations. You should
NOT enable this option unless you are sure you need it.
.TP
.B set/unset autoindent
Use auto-indentation.
.TP

Просмотреть файл

@ -4,7 +4,7 @@ syntax "nanorc" "\.?nanorc$"
## Possible errors and parameters
icolor brightwhite "^[[:space:]]*((un)?set|include|syntax|i?color).*$"
## Keywords
icolor brightgreen "^[[:space:]]*(set|unset)[[:space:]]+(autoindent|backup|backupdir|backwards|boldtext|brackets|casesensitive|const|cut|fill|historylog|matchbrackets|morespace|mouse|multibuffer|noconvert|nofollow|nohelp|nonewlines|nowrap|operatingdir|preserve|punct)\>" "^[[:space:]]*(set|unset)[[:space:]]+(quickblank|quotestr|rebinddelete|rebindkeypad|regexp|smarthome|smooth|softwrap|speller|suspend|suspendenable|tabsize|tabstospaces|tempfile|undo|view|whitespace|wordbounds)\>"
icolor brightgreen "^[[:space:]]*(set|unset)[[:space:]]+(allow_insecure_backup|autoindent|backup|backupdir|backwards|boldtext|brackets|casesensitive|const|cut|fill|historylog|matchbrackets|morespace|mouse|multibuffer|noconvert|nofollow|nohelp|nonewlines|nowrap|operatingdir|preserve|punct)\>" "^[[:space:]]*(set|unset)[[:space:]]+(quickblank|quotestr|rebinddelete|rebindkeypad|regexp|smarthome|smooth|softwrap|speller|suspend|suspendenable|tabsize|tabstospaces|tempfile|undo|view|whitespace|wordbounds)\>"
icolor green "^[[:space:]]*(set|unset|include|syntax|header)\>"
## Colors
icolor yellow "^[[:space:]]*i?color[[:space:]]*(bright)?(white|black|red|blue|green|yellow|magenta|cyan)?(,(white|black|red|blue|green|yellow|magenta|cyan))?\>"

Просмотреть файл

@ -1615,7 +1615,8 @@ bool write_file(const char *name, FILE *f_open, bool tmp, append_type
/* We shouldn't worry about chown()ing something if we're not
root, since it's likely to fail! */
if (geteuid() == NANO_ROOT_UID && fchown(backup_fd,
openfile->current_stat->st_uid, openfile->current_stat->st_gid) == -1 ) {
openfile->current_stat->st_uid, openfile->current_stat->st_gid) == -1
&& !ISSET(INSECURE_BACKUP)) {
statusbar(_("Error writing backup file %s: %s"), backupname,
strerror(errno));
free(backupname);
@ -1623,7 +1624,7 @@ bool write_file(const char *name, FILE *f_open, bool tmp, append_type
goto cleanup_and_exit;
}
if (fchmod(backup_fd, openfile->current_stat->st_mode) == -1) {
if (fchmod(backup_fd, openfile->current_stat->st_mode) == -1 && !ISSET(INSECURE_BACKUP)) {
statusbar(_("Error writing backup file %s: %s"), backupname,
strerror(errno));
free(backupname);

Просмотреть файл

@ -480,6 +480,7 @@ enum
REBIND_KEYPAD,
NO_CONVERT,
BACKUP_FILE,
INSECURE_BACKUP,
NO_COLOR_SYNTAX,
PRESERVE,
HISTORYLOG,

Просмотреть файл

@ -77,6 +77,7 @@ static const rcoption rcopts[] = {
#ifndef NANO_TINY
{"autoindent", AUTOINDENT},
{"backup", BACKUP_FILE},
{"allow_insecure_backup", INSECURE_BACKUP},
{"backupdir", 0},
{"backwards", BACKWARDS_SEARCH},
{"casesensitive", CASE_SENSITIVE},