FIX: cask changes /usr/local ownership recursively

Relatively old code in Hbc::Caskroom recursively changes the ownership of the directory where the Caskroom directory exists, that changes entire files in /usr/local to user:staff if Homebrew setup with default configuration. This is really dangerous because it's easy to trigger (just simply type `brew cask something` by following some installation documentation.) This patch removes entire `chown` with -R option and make the logic simply creating Caskroom directory with default Homebrew directories ownership and permission.
2016-10-09 13:27:31 -07:00 · 2016-10-09 13:27:31 -07:00 · d00f35b8c4
commit d00f35b8c4
parent 0546d90e3d
1 changed files with 12 additions and 19 deletions
--- a/Library/Homebrew/cask/lib/hbc/caskroom.rb
+++ b/Library/Homebrew/cask/lib/hbc/caskroom.rb
@ -13,7 +13,7 @@ module Hbc
        FileUtils.mv repo_caskroom, Hbc.caskroom
      else
        opoo "#{Hbc.caskroom.parent} is not writable, sudo is needed to move the Caskroom."
-        system "/usr/bin/sudo", "--", "/bin/mv", "--", repo_caskroom.to_s, Hbc.caskroom.parent.to_s
+        sudo "/bin/mv", repo_caskroom.to_s, Hbc.caskroom.parent.to_s
      end
    end

@ -21,24 +21,17 @@ module Hbc
      return if Hbc.caskroom.exist?

      ohai "Creating Caskroom at #{Hbc.caskroom}"
-      if Hbc.caskroom.parent.writable?
-        Hbc.caskroom.mkpath
-      else
-        ohai "We'll set permissions properly so we won't need sudo in the future"
-        toplevel_dir = Hbc.caskroom
-        toplevel_dir = toplevel_dir.parent until toplevel_dir.parent.root?
-        unless toplevel_dir.directory?
-          # If a toplevel dir such as '/opt' must be created, enforce standard permissions.
-          # sudo in system is rude.
-          system "/usr/bin/sudo", "--", "/bin/mkdir", "--",         toplevel_dir
-          system "/usr/bin/sudo", "--", "/bin/chmod", "--", "0775", toplevel_dir
-        end
-        # sudo in system is rude.
-        system "/usr/bin/sudo", "--", "/bin/mkdir", "-p", "--", Hbc.caskroom
-        unless Hbc.caskroom.parent == toplevel_dir
-          system "/usr/bin/sudo", "--", "/usr/sbin/chown", "-R", "--", "#{Utils.current_user}:staff", Hbc.caskroom.parent.to_s
-        end
-      end
+      ohai "We'll set permissions properly so we won't need sudo in the future"
+
+      sudo "/bin/mkdir", "-p", Hbc.caskroom
+      sudo "/bin/chmod", "g+rwx", Hbc.caskroom
+      sudo "/usr/sbin/chown", Utils.current_user, Hbc.caskroom
+      sudo "/usr/bin/chgrp", "admin", Hbc.caskroom
+    end
+
+    def sudo(*args)
+      ohai "/usr/bin/sudo #{args.join(" ")}"
+      system "/usr/bin/sudo", *args
    end
  end
 end