Mercurial > hg
view contrib/hgweb.fcgi @ 23940:d0ef40776999 stable
osx: patch .pax.gz files in pkg bundles so they extract as root (issue4081)
The packages has to be installed by root but they would be installed
insecurely, owned by the uid of the unprivileged user that made the package.
The local user with that uid could thus write to /usr/local/bin/hg .
bdist_mpkg calls out to pax to create the package, but pax do apparently not
have the power to control what it is writing.
Instead, patch the pax files and set their uid fields to 0 before they are
wrapped in a dmg.
| author | Mads Kiilerich <madski@unity3d.com> |
|---|---|
| date | Fri, 23 Jan 2015 06:28:28 +0100 |
| parents | 85cba926cb59 |
| children | 99e231afc29c |
line wrap: on
line source
#!/usr/bin/env python # # An example FastCGI script for use with flup, edit as necessary # Path to repo or hgweb config to serve (see 'hg help hgweb') config = "/path/to/repo/or/config" # Uncomment and adjust if Mercurial is not installed system-wide # (consult "installed modules" path from 'hg debuginstall'): #import sys; sys.path.insert(0, "/path/to/python/lib") # Uncomment to send python tracebacks to the browser if an error occurs: #import cgitb; cgitb.enable() from mercurial import demandimport; demandimport.enable() from mercurial.hgweb import hgweb from flup.server.fcgi import WSGIServer application = hgweb(config) WSGIServer(application).run()