[PATCH v4 01/16] add util/search-path.{c, h} to test for executables in $PATH

Tomi Ollila tomi.ollila at iki.fi
Fri Aug 12 13:01:36 PDT 2016


On Fri, Aug 12 2016, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:

> On Fri 2016-08-12 03:38:53 -0400, David Bremner wrote:
>> Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:
>>
>>>> Should we distinguish between relative and absolute paths here?  I can't
>>>> think of any security implications, but I'm wondering if a relative path
>>>> is likely just a user error.
>>>
>>> I don't think a relative path is necessarily a user error.  I certainly
>>> use relative paths myself from time to time.
>>
>> As configuration values? That seems quite fragile, since it depends on
>> the current working directory when notmuch is run.
>
> rarely!  but sometimes i do it because i'm testing things in strange
> ways, and it can be a bit frustrating to have a tool second-guess me
> when it seems like i ought to be able to drop the same string i'm using
> on the command line into the configuration.
>
> I don't feel strongly, though.  if you want to say that bare words found
> in the $PATH and absolute filenames (starting with /) are fine in the
> notmuch config but relative paths are not, i'd be ok with that :)

>From consistency point of view, current patch not checking it being
absolute might prevail -- I don't see database.path being checked for
being absolute...

The probability for user error is pretty small there -- if there is
typo/thinko there things usually just starts failing. Security is
easier to break elsewhere than here (e.g. borken PATH...)

I'd keep the current implementation of test_for_executable()...

Tomi

>
>         --dkg


More information about the notmuch mailing list