FIX: cask changes /usr/local ownership recursively

Relatively old code in Hbc::Caskroom recursively changes the ownership
of the directory where the Caskroom directory exists, which changes
all files in /usr/local to user:staff if Homebrew is set up with the default
configuration.
This is really dangerous because it's easy to trigger (just simply type
`brew cask something` by following some installation documentation).

This patch removes the entire `chown` with the -R option and makes the logic
simply create the Caskroom directory with the default Homebrew directory
ownership and permissions.
Yoshimasa Niwa 2016-10-09 13:27:31 -07:00
parent 0546d90e3d
commit d00f35b8c4

@ -13,7 +13,7 @@ module Hbc
FileUtils.mv repo_caskroom, Hbc.caskroom FileUtils.mv repo_caskroom, Hbc.caskroom
else else
opoo "#{Hbc.caskroom.parent} is not writable, sudo is needed to move the Caskroom." opoo "#{Hbc.caskroom.parent} is not writable, sudo is needed to move the Caskroom."
system "/usr/bin/sudo", "--", "/bin/mv", "--", repo_caskroom.to_s, Hbc.caskroom.parent.to_s sudo "/bin/mv", repo_caskroom.to_s, Hbc.caskroom.parent.to_s
end end
end end
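Review bot: the new sudo "/bin/mv" call drops both `--` separators that the replaced line passed (one after /usr/bin/sudo, one after /bin/mv), so a repo_caskroom or parent path that begins with `-` would now be parsed as an option by sudo or mv. Suggest keeping them, for example sudo "--", "/bin/mv", "--", repo_caskroom.to_s, Hbc.caskroom.parent.to_s, or having the sudo helper insert the first `--` itself.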
@ -21,24 +21,17 @@ module Hbc
return if Hbc.caskroom.exist? return if Hbc.caskroom.exist?
ohai "Creating Caskroom at #{Hbc.caskroom}" ohai "Creating Caskroom at #{Hbc.caskroom}"
if Hbc.caskroom.parent.writable? ohai "We'll set permissions properly so we won't need sudo in the future"
Hbc.caskroom.mkpath
else sudo "/bin/mkdir", "-p", Hbc.caskroom
ohai "We'll set permissions properly so we won't need sudo in the future" sudo "/bin/chmod", "g+rwx", Hbc.caskroom
toplevel_dir = Hbc.caskroom sudo "/usr/sbin/chown", Utils.current_user, Hbc.caskroom
toplevel_dir = toplevel_dir.parent until toplevel_dir.parent.root? sudo "/usr/bin/chgrp", "admin", Hbc.caskroom
unless toplevel_dir.directory? end
# If a toplevel dir such as '/opt' must be created, enforce standard permissions.
# sudo in system is rude. def sudo(*args)
system "/usr/bin/sudo", "--", "/bin/mkdir", "--", toplevel_dir ohai "/usr/bin/sudo #{args.join(" ")}"
system "/usr/bin/sudo", "--", "/bin/chmod", "--", "0775", toplevel_dir system "/usr/bin/sudo", *args
end
# sudo in system is rude.
system "/usr/bin/sudo", "--", "/bin/mkdir", "-p", "--", Hbc.caskroom
unless Hbc.caskroom.parent == toplevel_dir
system "/usr/bin/sudo", "--", "/usr/sbin/chown", "-R", "--", "#{Utils.current_user}:staff", Hbc.caskroom.parent.to_s
end
end
end end
end end
end end
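Review bot: removing the `if Hbc.caskroom.parent.writable?` branch means the create path now runs four sudo commands unconditionally, even when Hbc.caskroom.mkpath would have succeeded without elevation; keeping that branch and using sudo only in the else case would avoid an unnecessary privilege prompt. The new sudo helper also discards the result of system, so a failed /bin/mkdir is still followed by chmod, chown and chgrp; return the status and stop on the first failure. As in the mv call, the `--` separators are gone, and Hbc.caskroom is passed here without .to_s while the mv call converts its paths, so the two should be made consistent.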