ruby-changes:53335
From: nobu <ko1@a...>
Date: Tue, 6 Nov 2018 02:27:17 +0900 (JST)
Subject: [ruby-changes:53335] nobu:r65551 (trunk): Relax MJIT_BUILD_DIR restriction
nobu 2018-11-06 02:27:10 +0900 (Tue, 06 Nov 2018) New Revision: 65551 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=65551 Log: Relax MJIT_BUILD_DIR restriction * mjit.c (init_header_filename): sticky-mode directory probably would be less unsafe even if it is not owned. Modified files: trunk/mjit.c Index: mjit.c =================================================================== --- mjit.c (revision 65550) +++ mjit.c (revision 65551) @@ -394,15 +394,20 @@ init_header_filename(void) https://github.com/ruby/ruby/blob/trunk/mjit.c#L394 /* This path is not intended to be used on production, but using build directory's header file here because people want to run `make test-all` without running `make install`. Don't use $MJIT_SEARCH_BUILD_DIR except for test-all. */ - if (build_dir[0] != '/' || - stat(build_dir, &st) || !S_ISDIR(st.st_mode) || - st.st_uid != getuid() || (st.st_mode & 022) || - !rb_path_check(build_dir)) { + if (build_dir[0] != '/') { + verbose(1, "Non-absolute path MJIT_BUILD_DIR: %s", build_dir); + } + else if (stat(build_dir, &st) || !S_ISDIR(st.st_mode)) { + verbose(1, "Non-directory path MJIT_BUILD_DIR: %s", build_dir); + } + else if (!rb_path_check(build_dir)) { verbose(1, "Unsafe MJIT_BUILD_DIR: %s", build_dir); return FALSE; } - basedir = build_dir; - baselen = sizeof(build_dir) - 1; + else { + basedir = build_dir; + baselen = sizeof(build_dir) - 1; + } } #endif -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/