GNU bug report logs -
#865
23.0.60; The directory is unsafe today
Previous Next
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
"Lennart Borgman (gmail)" <lennart.borgman <at> gmail.com> writes:
> server-ensure-safe-dir complained today during server-start. Examining
> the values in server-ensure-safe-dir I found the following:
I don't know how to solve this bug, but I recently handled a similar bug
report from a macOS user[1] (still open, it's intermittent so very slow
to track down) and I found the error message rather unhelpful. I'll
push the following to emacs-26 in a few days if there are no objections.
[0001-Make-unsafe-directory-error-message-more-informative.patch (text/x-diff, inline)]
From b8e526e3861e64115f1458b2e53c2c0a838eb25d Mon Sep 17 00:00:00 2001
From: Noam Postavsky <npostavs <at> gmail.com>
Date: Sun, 27 Aug 2017 23:09:32 -0400
Subject: [PATCH] Make "unsafe directory" error message more informative
(Bug#865)
* lisp/server.el (server-ensure-safe-dir): Produce a description for
each "unsafe" condition.
---
lisp/server.el | 47 ++++++++++++++++++++++++++---------------------
1 file changed, 26 insertions(+), 21 deletions(-)
diff --git a/lisp/server.el b/lisp/server.el
index 8aafa1c257..33800a9868 100644
--- a/lisp/server.el
+++ b/lisp/server.el
@@ -525,30 +525,35 @@ server-ensure-safe-dir
;; Check that it's safe for use.
(let* ((uid (nth 2 attrs))
(w32 (eq system-type 'windows-nt))
- (safe (cond
- ((not (eq t (car attrs))) nil) ; is a dir?
- ((and w32 (zerop uid)) ; on FAT32?
- (display-warning
- 'server
- (format-message "\
+ (unsafe (cond
+ ((not (eq t (car attrs)))
+ (format "it is a %s" (if (stringp (car attrs))
+ "symlink" "file")))
+ ((and w32 (zerop uid)) ; on FAT32?
+ (display-warning
+ 'server
+ (format-message "\
Using `%s' to store Emacs-server authentication files.
Directories on FAT32 filesystems are NOT secure against tampering.
See variable `server-auth-dir' for details."
- (file-name-as-directory dir))
- :warning)
- t)
- ((and (/= uid (user-uid)) ; is the dir ours?
- (or (not w32)
- ;; Files created on Windows by Administrator
- ;; (RID=500) have the Administrators (RID=544)
- ;; group recorded as the owner.
- (/= uid 544) (/= (user-uid) 500)))
- nil)
- (w32 t) ; on NTFS?
- (t ; else, check permissions
- (zerop (logand ?\077 (file-modes dir)))))))
- (unless safe
- (error "The directory `%s' is unsafe" dir)))))
+ (file-name-as-directory dir))
+ :warning)
+ nil)
+ ((and (/= uid (user-uid)) ; is the dir ours?
+ (or (not w32)
+ ;; Files created on Windows by Administrator
+ ;; (RID=500) have the Administrators (RID=544)
+ ;; group recorded as the owner.
+ (/= uid 544) (/= (user-uid) 500)))
+ (format "it is not owned by you (owner = %s (%d))"
+ (user-full-name (user-uid)) (user-uid)))
+ (w32 nil) ; on NTFS?
+ ((/= 0 (logand ?\077 (file-modes dir)))
+ (format "it is accessible by others (%03o)"
+ (file-modes dir)))
+ (t nil))))
+ (when unsafe
+ (error "`%s' is not a safe directory because %s" dir unsafe)))))
(defun server-generate-key ()
"Generate and return a random authentication key.
--
2.11.0
[Message part 3 (text/plain, inline)]
[1]: https://github.com/magit/magit/issues/3148
This bug report was last modified 7 years and 236 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.