From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED!not-for-mail
From: Noam Postavsky <npostavs@users.sourceforge.net>
Newsgroups: gmane.emacs.bugs
Subject: bug#865: 23.0.60; The directory is unsafe today
Date: Sun, 24 Sep 2017 17:25:37 -0400
Message-ID: <87r2uvlrfy.fsf@users.sourceforge.net>
References: <48BD642C.5050405@gmail.com>
NNTP-Posting-Host: blaine.gmane.org
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
X-Trace: blaine.gmane.org 1506288379 31897 195.159.176.226 (24 Sep 2017 21:26:19 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Sun, 24 Sep 2017 21:26:19 +0000 (UTC)
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.60 (gnu/linux)
Cc: 865@debbugs.gnu.org
To: "Lennart Borgman \(gmail\)" <lennart.borgman@gmail.com>
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Sun Sep 24 23:26:09 2017
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by blaine.gmane.org with esmtp (Exim 4.84_2)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1dwEPg-0007d7-MY
	for geb-bug-gnu-emacs@m.gmane.org; Sun, 24 Sep 2017 23:26:08 +0200
Original-Received: from localhost ([::1]:39495 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1dwEPn-0002J6-P5
	for geb-bug-gnu-emacs@m.gmane.org; Sun, 24 Sep 2017 17:26:15 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:44224)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1dwEPd-0002GQ-Kc
	for bug-gnu-emacs@gnu.org; Sun, 24 Sep 2017 17:26:07 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1dwEPa-0005aq-Dg
	for bug-gnu-emacs@gnu.org; Sun, 24 Sep 2017 17:26:05 -0400
Original-Received: from debbugs.gnu.org ([208.118.235.43]:47966)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1dwEPa-0005am-9D
	for bug-gnu-emacs@gnu.org; Sun, 24 Sep 2017 17:26:02 -0400
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1dwEPZ-0004Er-TH
	for bug-gnu-emacs@gnu.org; Sun, 24 Sep 2017 17:26:01 -0400
X-Loop: help-debbugs@gnu.org
Resent-From: Noam Postavsky <npostavs@users.sourceforge.net>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Sun, 24 Sep 2017 21:26:01 +0000
Resent-Message-ID: <handler.865.B865.150628834816270@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 865
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
Original-Received: via spool by 865-submit@debbugs.gnu.org id=B865.150628834816270
	(code B ref 865); Sun, 24 Sep 2017 21:26:01 +0000
Original-Received: (at 865) by debbugs.gnu.org; 24 Sep 2017 21:25:48 +0000
Original-Received: from localhost ([127.0.0.1]:56647 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1dwEPK-0004EK-Qs
	for submit@debbugs.gnu.org; Sun, 24 Sep 2017 17:25:47 -0400
Original-Received: from mail-io0-f171.google.com ([209.85.223.171]:56383)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <npostavs@gmail.com>) id 1dwEPJ-0004E7-39
	for 865@debbugs.gnu.org; Sun, 24 Sep 2017 17:25:45 -0400
Original-Received: by mail-io0-f171.google.com with SMTP id m103so8183885iod.13
	for <865@debbugs.gnu.org>; Sun, 24 Sep 2017 14:25:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; 
	h=sender:from:to:cc:subject:references:date:in-reply-to:message-id
	:user-agent:mime-version;
	bh=2GSac+M5bEalxSbfihea+NAWp9QlkDElXPDv3DH4+B4=;
	b=Qq2GIqK01oKudaq/bPFn2FEh5LyEVn+9vIIT24bO02BJeb+TKSMuKTfl9z4YC7RJxk
	0c4UgsOQgqBWJEwbfRUETlpinf5GefU0rMdoZFFynZYHjR2k1YSbuFy+aj5QIONgJr+W
	aVFZ7DmNeV/LYtP1cRdCA/ILVJj85/9WPV6RkKGfpnZ84L6I0WvrecvrwIZeSLhwR4f0
	SwbEeqp5ywaqB7ByG4xHaYyxeUxO24sktkrEEqypvG0VMfD6GzFsbRjmXdoIn6V8XrF3
	81Ru+7EFoBbMxpJXGqrVf33+XWY5iN1yvOXmZELlvG6W9wW30EqZ7FQHhyBTEG3KeW3S
	zhlg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:sender:from:to:cc:subject:references:date
	:in-reply-to:message-id:user-agent:mime-version;
	bh=2GSac+M5bEalxSbfihea+NAWp9QlkDElXPDv3DH4+B4=;
	b=YBUDlJjcC6TTf6RZ1EOr1j3RFcRIPL1ykGu9AbKgSeH6Rcq/PwBkokISSAmq8I/Ard
	RzTt8RQqKq8TVd2MEVnNMqBTDSNwoWVRnxbO1K0OoHrRBENn8UCYd2aZvRpXNqsJlw1x
	UxsCIsPZM5HoWnazXh+auLp3vGsCGlqzHZW8ED3h7B0LC6UsZCahYhE8CjbUYEi8DTLA
	WkGvj+NvNDlKuBj1tvkow6bxGAdNf1C9QzIlyhq3CoXvaxi7Ntuz+eihoH7xWJSNSwXo
	dIO1O0xSY08HPVGHCENyfvFfjAIU/5RQC2h4/kkRQfmJA0eV/gPS28sftRkXxzCaVnSG
	iQfw==
X-Gm-Message-State: AHPjjUjyUv2tqsCh3ffdM0nhC1bS5vS5SVQEBEh11rTxNtMokbc8tA2n
	yzJy0IBXEszVNGKD/GEwLXp/bw==
X-Google-Smtp-Source: AOwi7QAiWwGG3s8Muc7RZ+eG1qqb4zzTtlmf2W5MQvSAZIu+ZI6n+GpdxOWOCSrXMhhCTlJtvRluWA==
X-Received: by 10.107.181.138 with SMTP id e132mr7312944iof.53.1506288339343; 
	Sun, 24 Sep 2017 14:25:39 -0700 (PDT)
Original-Received: from zebian ([45.2.119.34]) by smtp.googlemail.com with ESMTPSA id
	y63sm193485itc.44.2017.09.24.14.25.38
	(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
	Sun, 24 Sep 2017 14:25:38 -0700 (PDT)
In-Reply-To: <48BD642C.5050405@gmail.com> (Lennart Borgman's message of "Tue, 
	02 Sep 2008 18:05:00 +0200")
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 208.118.235.43
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
	the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-gnu-emacs/>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Original-Sender: "bug-gnu-emacs"
	<bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.emacs.bugs:137371
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/137371>

--=-=-=
Content-Type: text/plain

"Lennart Borgman (gmail)" <lennart.borgman@gmail.com> writes:

> server-ensure-safe-dir complained today during server-start. Examining
> the values in server-ensure-safe-dir I found the following:

I don't know how to solve this bug, but I recently handled a similar bug
report from a macOS user[1] (still open, it's intermittent so very slow
to track down) and I found the error message rather unhelpful.  I'll
push the following to emacs-26 in a few days if there are no objections.


--=-=-=
Content-Type: text/x-diff
Content-Disposition: inline;
 filename=0001-Make-unsafe-directory-error-message-more-informative.patch
Content-Description: patch

>From b8e526e3861e64115f1458b2e53c2c0a838eb25d Mon Sep 17 00:00:00 2001
From: Noam Postavsky <npostavs@gmail.com>
Date: Sun, 27 Aug 2017 23:09:32 -0400
Subject: [PATCH] Make "unsafe directory" error message more informative
 (Bug#865)

* lisp/server.el (server-ensure-safe-dir): Produce a description for
each "unsafe" condition.
---
 lisp/server.el | 47 ++++++++++++++++++++++++++---------------------
 1 file changed, 26 insertions(+), 21 deletions(-)

diff --git a/lisp/server.el b/lisp/server.el
index 8aafa1c257..33800a9868 100644
--- a/lisp/server.el
+++ b/lisp/server.el
@@ -525,30 +525,35 @@ server-ensure-safe-dir
     ;; Check that it's safe for use.
     (let* ((uid (nth 2 attrs))
 	   (w32 (eq system-type 'windows-nt))
-	   (safe (cond
-		  ((not (eq t (car attrs))) nil)  ; is a dir?
-		  ((and w32 (zerop uid))	  ; on FAT32?
-		   (display-warning
-		    'server
-		    (format-message "\
+           (unsafe (cond
+                    ((not (eq t (car attrs)))
+                     (format "it is a %s" (if (stringp (car attrs))
+                                              "symlink" "file")))
+                    ((and w32 (zerop uid)) ; on FAT32?
+                     (display-warning
+                      'server
+                      (format-message "\
 Using `%s' to store Emacs-server authentication files.
 Directories on FAT32 filesystems are NOT secure against tampering.
 See variable `server-auth-dir' for details."
-			    (file-name-as-directory dir))
-		    :warning)
-		   t)
-		  ((and (/= uid (user-uid))	  ; is the dir ours?
-			(or (not w32)
-			    ;; Files created on Windows by Administrator
-			    ;; (RID=500) have the Administrators (RID=544)
-			    ;; group recorded as the owner.
-			    (/= uid 544) (/= (user-uid) 500)))
-		   nil)
-		  (w32 t)			  ; on NTFS?
-		  (t				  ; else, check permissions
-		   (zerop (logand ?\077 (file-modes dir)))))))
-      (unless safe
-	(error "The directory `%s' is unsafe" dir)))))
+                                      (file-name-as-directory dir))
+                      :warning)
+                     nil)
+                    ((and (/= uid (user-uid)) ; is the dir ours?
+                          (or (not w32)
+                              ;; Files created on Windows by Administrator
+                              ;; (RID=500) have the Administrators (RID=544)
+                              ;; group recorded as the owner.
+                              (/= uid 544) (/= (user-uid) 500)))
+                     (format "it is not owned by you (owner = %s (%d))"
+                             (user-full-name (user-uid)) (user-uid)))
+                    (w32 nil)           ; on NTFS?
+                    ((/= 0 (logand ?\077 (file-modes dir)))
+                     (format "it is accessible by others (%03o)"
+                             (file-modes dir)))
+                    (t nil))))
+      (when unsafe
+        (error "`%s' is not a safe directory because %s" dir unsafe)))))
 
 (defun server-generate-key ()
   "Generate and return a random authentication key.
-- 
2.11.0


--=-=-=
Content-Type: text/plain


[1]: https://github.com/magit/magit/issues/3148

--=-=-=--