]>
git.madduck.net Git - code/myrepos.git/blobdiff - mr
madduck's git repository
Every one of the projects in this repository is available at the canonical
URL git://git.madduck.net/madduck/pub/<projectpath> — see
each project's metadata for the exact URL.
All patches and comments are welcome. Please squash your changes to logical
commits before using git-format-patch and git-send-email to
patches@ git. madduck. net .
If you'd read over the Git project's submission guidelines and adhered to them,
I'd be especially grateful.
SSH access, as well as push access can be individually
arranged .
If you use my repositories frequently, consider adding the following
snippet to ~/.gitconfig and using the third clone URL listed for each
project:
[url "git://git.madduck.net/madduck/"]
insteadOf = madduck:
ssh connection limits. Running between 3 and 5 jobs at a time will yield
a good speedup in updates without loading the machine too much.
ssh connection limits. Running between 3 and 5 jobs at a time will yield
a good speedup in updates without loading the machine too much.
+=item -t
+
+Trust all mrconfig files even if they are not listed in ~/.mrtrust.
+Use with caution.
+
=back
=head1 "MRCONFIG FILES"
=back
=head1 "MRCONFIG FILES"
Since mrconfig files can contain arbitrary shell commands, they can do
anything. This flexability is good, but it also allows a malicious mrconfig
file to delete your whole home directory. Such a file might be contained
Since mrconfig files can contain arbitrary shell commands, they can do
anything. This flexability is good, but it also allows a malicious mrconfig
file to delete your whole home directory. Such a file might be contained
-inside a repository that your main ~/.mrconfig checks out. To avoid worries
-about a malicious change being committed to such a file, mr has the ability
-to read mrconfig files in untrusted mode. Such files are limited to running
-only known safe commands (like "git clone").
+inside a repository that your main ~/.mrconfig checks out and chains to. To
+avoid worries about evil commands in a mrconfig file, mr
+has the ability to read mrconfig files in untrusted mode. Such files are
+limited to running only known safe commands (like "git clone") in a
+carefully checked manner.
By default, mr trusts all mrconfig files. (This default will change in a
future release!) But if you have a ~/.mrtrust file, mr will only trust
By default, mr trusts all mrconfig files. (This default will change in a
future release!) But if you have a ~/.mrtrust file, mr will only trust
my $max_depth;
my $no_chdir=0;
my $jobs=1;
my $max_depth;
my $no_chdir=0;
my $jobs=1;
my $directory=getcwd();
$ENV{MR_CONFIG}="$ENV{HOME}/.mrconfig";
my $directory=getcwd();
$ENV{MR_CONFIG}="$ENV{HOME}/.mrconfig";
# We always trust ~/.mrconfig.
return 1 if $config eq abs_path("$ENV{HOME}/.mrconfig");
# We always trust ~/.mrconfig.
return 1 if $config eq abs_path("$ENV{HOME}/.mrconfig");
+ return 1 if $trust_all;
+
my $trustfile=$ENV{HOME}."/.mrtrust";
if (! -e $trustfile) {
my $trustfile=$ENV{HOME}."/.mrtrust";
if (! -e $trustfile) {
"i|interactive" => \$interactive,
"n|no-recurse:i" => \$max_depth,
"j|jobs:i" => \$jobs,
"i|interactive" => \$interactive,
"n|no-recurse:i" => \$max_depth,
"j|jobs:i" => \$jobs,
+ "t|trust-all" => \$trust_all,
);
if (! $result || @ARGV < 1) {
die("Usage: mr [options] action [params ...]\n".
);
if (! $result || @ARGV < 1) {
die("Usage: mr [options] action [params ...]\n".
projects / code / myrepos.git / blobdiff