TakeV
/
guix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

git-authenticate: Ignore authenticated commit cache when it's not #o600. 

* guix/git-authenticate.scm (previously-authenticated-commits): Stat
PORT; return the empty list if it's no #o600 and change it to #o600.
This commit is contained in:
Ludovic Courtès 2020-06-21 15:34:53 +02:00
parent bdafdfcec9
commit 41939c374a
No known key found for this signature in database
GPG Key ID: 090B11993D9AEBB5
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
guix/git-authenticate.scm
View File

@ -306,7 +306,14 @@ IDs (hex strings)."
(catch 'system-error
(lambda ()
(call-with-input-file (authenticated-commit-cache-file key)
read))
(lambda (port)
;; If PORT has the wrong permissions, it might have been tampered
;; with by another user so ignore its contents.
(if (= #o600 (stat:perms (stat port)))
(read port)
(begin
(chmod port #o600)
'())))))
(lambda args
(if (= ENOENT (system-error-errno args))
'()