view tests/test-trusted.py.out @ 49275:c6a3243567b6

chg: replace mercurial.util.recvfds() by simpler pure Python implementation On Python 3, we have socket.socket.recvmsg(). This makes it possible to receive FDs in pure Python code. The new code behaves like the previous implementations, except that it’s more strict about the format of the ancillary data. This works because we know in which format the FDs are passed. Because the code is (and always has been) specific to chg (payload is 1 byte, number of passed FDs is limited) and we now have only one implementation and the code is very short, I decided to stop exposing a function in mercurial.util. Note on terminology: The SCM_RIGHTS mechanism is used to share open file descriptions to another process over a socket. The sending side passes an array of file descriptors and the receiving side receives an array of file descriptors. The file descriptors are different in general on both sides but refer to the same open file descriptions. The two terms are often conflated, even in the official documentation. That’s why I used “FD” above, which could mean both “file descriptor” and “file description”.
author Manuel Jacob <me@manueljacob.de>
date Thu, 02 Jun 2022 23:57:56 +0200
parents 9dc1351d0b5f
children
line wrap: on
line source

# same user, same group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# same user, different group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, same group
not trusting file .hg/hgrc from untrusted user abc, group bar
trusted
    global = /some/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, same group, but we trust the group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
    global = /some/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, different group, but we trust the user
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, different group, but we trust the group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, different group, but we trust the user and the group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# we trust all users
# different user, different group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# we trust all groups
# different user, different group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# we trust all users and groups
# different user, different group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# we don't get confused by users and groups with the same name
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
    global = /some/path
untrusted
. . global = /some/path
. . local = /another/path

# list of user names
# different user, different group, but we trust the user
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# list of group names
# different user, different group, but we trust the group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# Can't figure out the name of the user running this process
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
    global = /some/path
untrusted
. . global = /some/path
. . local = /another/path

# prints debug warnings
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
ignoring untrusted configuration option paths.local = /another/path
    global = /some/path
untrusted
. . global = /some/path
. ignoring untrusted configuration option paths.local = /another/path
. local = /another/path

# report_untrusted enabled without debug hides warnings
# different user, different group
trusted
    global = /some/path
untrusted
. . global = /some/path
. . local = /another/path

# report_untrusted enabled with debug shows warnings
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
ignoring untrusted configuration option paths.local = /another/path
    global = /some/path
untrusted
. . global = /some/path
. ignoring untrusted configuration option paths.local = /another/path
. local = /another/path

# ui.readconfig sections
quux

# read trusted, untrusted, new ui, trusted
not trusting file foobar from untrusted user abc, group def
trusted:
ignoring untrusted configuration option foobar.baz = quux
None
untrusted:
quux

# error handling
# file doesn't exist
# same user, same group
# different user, different group

# parse error
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
ignored .hg/hgrc:1: foo
# same user, same group
config error at .hg/hgrc:1: foo


# access typed information
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
# suboptions, trusted and untrusted
(None, []) ('main', [('one', 'one'), ('two', 'two')])
# path, trusted and untrusted
None .hg/monty/python
# bool, trusted and untrusted
False True
# int, trusted and untrusted
0 42
# bytes, trusted and untrusted
0 84934656
# list, trusted and untrusted
[] ['spam', 'ham', 'eggs']