* Allowing symlinked dir-locals files?
@ 2021-08-16 18:01 Yuri D'Elia
2021-08-16 18:10 ` Stefan Monnier
2021-08-16 18:12 ` Eli Zaretskii
0 siblings, 2 replies; 6+ messages in thread
From: Yuri D'Elia @ 2021-08-16 18:01 UTC (permalink / raw)
To: emacs-devel
Hi everyone,
I was trying to share some localized customization by symlinking a
.dir-locals.el file across directories, but it doesn't seem to work.
Looking at the current files.el:4330, we explicitly check if the file is
a regular file. And looking at the FIXME comment just above I concur
that checking just for file-directory-p should be sufficient for proper
behavior.
However I suspect that the rationale was to be proper as well as "safe",
as this could be used to make emacs read/interpret another file if the
symlink is under the control of a VCS or via a shared-filesystem.
I wonder if that's all we can really do?
I currently hardlinked the files and bypassed the problem. I can think a
couple of alternative solutions, however I have a series of projects
that share indentation/editor settings and I've found that using such
setup makes it more discoverable.
Thoughts?
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Allowing symlinked dir-locals files?
2021-08-16 18:01 Allowing symlinked dir-locals files? Yuri D'Elia
@ 2021-08-16 18:10 ` Stefan Monnier
2021-08-16 18:12 ` Eli Zaretskii
1 sibling, 0 replies; 6+ messages in thread
From: Stefan Monnier @ 2021-08-16 18:10 UTC (permalink / raw)
To: Artur Malabarba; +Cc: Yuri D'Elia, emacs-devel
Hi Artur,
Yuri D'Elia [2021-08-16 20:01:20] wrote:
> I was trying to share some localized customization by symlinking a
> .dir-locals.el file across directories, but it doesn't seem to work.
>
> Looking at the current files.el:4330, we explicitly check if the file is
> a regular file. And looking at the FIXME comment just above I concur
AFAICT, this `file-regular-p` check (used in addition
to `(not (file-directory-p f))`) was introduced by your:
commit f0b82b34536e6bafbecbd642eee0cb0f534f8647
Author: Artur Malabarba <bruce.connor.am@gmail.com>
Date: Sat Jan 16 08:50:46 2016 +0000
* lisp/files.el (dir-locals--all-files): Use completion instead of wildcards
(dir-locals-file)
* lisp/files-x.el (modify-dir-local-variable)
* lisp/dos-fns.el (dosified-file-name)
* lisp/help-fns.el (describe-variable): Change accordingly.
Do you remember why added it?
Stefan
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Allowing symlinked dir-locals files?
2021-08-16 18:01 Allowing symlinked dir-locals files? Yuri D'Elia
2021-08-16 18:10 ` Stefan Monnier
@ 2021-08-16 18:12 ` Eli Zaretskii
2021-08-16 18:25 ` Yuri D'Elia
2021-08-16 18:39 ` Andreas Schwab
1 sibling, 2 replies; 6+ messages in thread
From: Eli Zaretskii @ 2021-08-16 18:12 UTC (permalink / raw)
To: Yuri D'Elia; +Cc: emacs-devel
> From: Yuri D'Elia <wavexx@thregr.org>
> Date: Mon, 16 Aug 2021 20:01:20 +0200
>
> Looking at the current files.el:4330, we explicitly check if the file is
> a regular file. And looking at the FIXME comment just above I concur
> that checking just for file-directory-p should be sufficient for proper
> behavior.
>
> However I suspect that the rationale was to be proper as well as "safe",
> as this could be used to make emacs read/interpret another file if the
> symlink is under the control of a VCS or via a shared-filesystem.
Yes. It could also be a symlink injected by malevolent hackers.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Allowing symlinked dir-locals files?
2021-08-16 18:12 ` Eli Zaretskii
@ 2021-08-16 18:25 ` Yuri D'Elia
2021-08-16 18:39 ` Andreas Schwab
1 sibling, 0 replies; 6+ messages in thread
From: Yuri D'Elia @ 2021-08-16 18:25 UTC (permalink / raw)
To: emacs-devel
On Mon, Aug 16 2021, Eli Zaretskii wrote:
>> However I suspect that the rationale was to be proper as well as "safe",
>> as this could be used to make emacs read/interpret another file if the
>> symlink is under the control of a VCS or via a shared-filesystem.
>
> Yes. It could also be a symlink injected by malevolent hackers.
Can we please benevolent hackers with a list or trusted directories? ;)
I don't recall where I saw this approach used before (maybe there's
already a variable for trusted paths), but I wouldn't mind explicitly
marking certain trees where symlinks are explicitly allowed.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Allowing symlinked dir-locals files?
2021-08-16 18:12 ` Eli Zaretskii
2021-08-16 18:25 ` Yuri D'Elia
@ 2021-08-16 18:39 ` Andreas Schwab
2021-09-18 14:10 ` Yuri D'Elia
1 sibling, 1 reply; 6+ messages in thread
From: Andreas Schwab @ 2021-08-16 18:39 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: Yuri D'Elia, emacs-devel
On Aug 16 2021, Eli Zaretskii wrote:
>> Looking at the current files.el:4330, we explicitly check if the file is
>> a regular file.
Why is that a problem? If the symlink points to a regular file, it is
still a file-regular-p.
> Yes. It could also be a symlink injected by malevolent hackers.
Is that different from a regular file injected by malevolent hackers?
Andreas.
--
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1
"And now for something completely different."
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Allowing symlinked dir-locals files?
2021-08-16 18:39 ` Andreas Schwab
@ 2021-09-18 14:10 ` Yuri D'Elia
0 siblings, 0 replies; 6+ messages in thread
From: Yuri D'Elia @ 2021-09-18 14:10 UTC (permalink / raw)
To: emacs-devel
On Mon, Aug 16 2021, Andreas Schwab wrote:
>>> Looking at the current files.el:4330, we explicitly check if the file is
>>> a regular file.
>
> Why is that a problem? If the symlink points to a regular file, it is
> still a file-regular-p.
>
>> Yes. It could also be a symlink injected by malevolent hackers.
>
> Is that different from a regular file injected by malevolent hackers?
I was giving more thought to this. I don't think there's any difference.
Assuming we're reading a versioned .dir-locals.el file, there's no way
to distinguish between a benevolent (local) file and the versioned file.
We still need to obey safe-local-variable-values just like any other
file, and AFAIK we have no concept of "trusted paths" for dir-locals
where resolution could be ambiguous.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2021-09-18 14:10 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-16 18:01 Allowing symlinked dir-locals files? Yuri D'Elia
2021-08-16 18:10 ` Stefan Monnier
2021-08-16 18:12 ` Eli Zaretskii
2021-08-16 18:25 ` Yuri D'Elia
2021-08-16 18:39 ` Andreas Schwab
2021-09-18 14:10 ` Yuri D'Elia
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).