Re: [vile] Tags not working, how to diagnose?

[Thomas Dickey]

On Sat, 20 Oct 2007, Paul Fox wrote:

> thomas wrote:
> >
> > The is_our_file() call is seeing that your directory is group-writable.
> > I added a check last year:
> >
> >   20061212 (m)
> >          + disallow source'ing from the current directory if the source'd file
> >            might be writable by other users.
>
> good catch.

It took me a few minutes to see it (so I agree it's not obvious).
On the positive side, I can almost always point to the CHANGES file...

> can we somehow emit a better warning that a file or dir is being skipped?

At the moment, I _think_ that adding an mlforce in cfg_locate() noting 
this wouldn't be too intrusive.  Something like

        mlforce("[Skipped '%s' (insecure permissions)]", filename);

(trying to think of a terse but usable message...).  That way, if you have
popup-msgs set, it's accessible.

> i won't be surprised if this bites me soon -- my wife and i have many
> files we can both write, probably including .vilerc.

I recall being annoyed that I couldn't symlink a .cshrc file to multiple
locations (quite a while ago).  Nowadays, I just try to see my code 
featured on BugTraq...

--
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net