From b4adaf75a36d6d6425df820c46023a32e79bb6df Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Sat, 12 Nov 2016 01:34:19 -0400
Subject: The propellor wrapper checks if ./config.hs exists; if so it runs using the configuration in the current directory, rather than ~/.propellor/config.hs

The config.hs name now seems a bit badly chosen, propellor.hs would be less ambiguous. To avoid accidentally running with a config.hs for something else, the file content has to contain "Propellor".

Note that checkRepoUpToDate is only run for ~/.propellor/. I guess propellor configs in other directories won't have been set up that way, and it would take some changes to make that not hardcode use of dotPropellor.

There's a new security boundary here, since running propellor looks at the cwd, whose contents might not be under the user's control. The security checks I added for this seem pretty good, but even if they can be bypassed, this is not much different than `make` using the Makefile in cwd.

This commit was sponsored by Ole-Morten Duesund on Patreon.

--- debian/changelog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 509734dd..f3442116 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,9 @@ propellor (3.2.3) UNRELEASED; urgency=medium * Improve extraction of gpg secret key id list, to work with gpg 2.1. + * The propellor wrapper checks if ./config.hs exists; if so it runs + using the configuration in the current directory, rather than + ~/.propellor/config.hs -- Joey Hess Fri, 11 Nov 2016 19:32:54 -0400 -- cgit v1.3-2-g0d8e
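
Review bot: The three added lines in the 3.2.3 changelog entry leave out the conditions the commit message attaches to this behaviour, and those are what a user upgrading needs to know. The entry says only that ./config.hs in the current directory is used instead of ~/.propellor/config.hs; it does not say that the file is only picked up when its content contains "Propellor", or that checkRepoUpToDate is still run only for ~/.propellor/. Because the commit message itself calls this a new security boundary (the contents of the cwd may not be under the user's control), I would add a sentence to the entry stating the content check and that running propellor in a directory holding someone else's config.hs will now execute that configuration. This view of the diff is limited to 'debian', so the checks themselves cannot be reviewed here; the changelog should at least point to them. Minor: the new bullet ends without a full stop, unlike the bullet above it.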