From: Joey Hess Date: Tue, 27 Sep 2011 21:28:07 +0000 (-0400) Subject: Allow untrusted mrconfig files to set parameters to true/false X-Git-Url: https://git.madduck.net/code/myrepos.git/commitdiff_plain/b1bcef3dd99ffcc1d7140fad5b3a72bebff4a571 Allow untrusted mrconfig files to set parameters to true/false * Allow untrusted mrconfig files to set parameters to true/false. So skip=true or deleted=true canbe used in an untrusted mrconfig file. * Also allow order=N in an untrusted mrconfig file. --- diff --git a/debian/changelog b/debian/changelog index 68a67c2..766b8da 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,6 +6,9 @@ mr (1.05) UNRELEASED; urgency=low * README now gives a quick into to using mr. * Brought back the "deleted" parameter, which provides an easy way to mark repositories that should be removed. + * Allow untrusted mrconfig files to set parameters to true/false. + So skip=true or deleted=true canbe used in an untrusted mrconfig file. + * Also allow order=N in an untrusted mrconfig file. -- Joey Hess Fri, 05 Aug 2011 13:29:21 -0400 diff --git a/mr b/mr index bd6c2d7..d5424ca 100755 --- a/mr +++ b/mr @@ -1184,13 +1184,23 @@ sub loadconfig { } if (! $trusted) { - # Untrusted files can only contain checkout - # parameters. - if ($parameter ne 'checkout') { - trusterror("mr: illegal setting \"$parameter=$value\"", $f, $line, $bootstrap_url); + # Untrusted files can only contain a few + # settings in specific known-safe formats. + if ($parameter eq 'checkout') { + if (! is_trusted_checkout($value)) { + trusterror("mr: illegal checkout command \"$value\"", $f, $line, $bootstrap_url); + } + } + elsif ($parameter eq 'order') { + # not interpreted as a command, so + # safe. } - if (! is_trusted_checkout($value)) { - trusterror("mr: illegal checkout command \"$value\"", $f, $line, $bootstrap_url); + elsif ($value eq 'true' || $value eq 'false') { + # skip=true , deleted=true etc are + # safe. + } + else { + trusterror("mr: illegal setting \"$parameter=$value\"", $f, $line, $bootstrap_url); } }