Mercurial > public > mercurial-scm > hg-stable

diff hgext/chgserver.py @ 28342:bd05d38a1002

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
chgserver: use basename for socket symlink Previously we use full path and the symlink may point to outside (unsafe) world if the directory is moved. This patch fixes it by only linking to basename of the target. Therefore the symbolic link and socket files will always stay in the same directory.
author Jun Wu <quark@fb.com>
date Fri, 04 Mar 2016 13:18:02 +0000
parents e00e57d83653
children 8f9661d1637b
line wrap: on
line diff
--- a/hgext/chgserver.py	Thu Mar 03 18:34:19 2016 +0100
+++ b/hgext/chgserver.py	Fri Mar 04 13:18:02 2016 +0000
@@ -613,7 +613,7 @@
         if self.baseaddress == self.address:
             return
         tempaddress = _tempaddress(self.baseaddress)
-        os.symlink(self.address, tempaddress)
+        os.symlink(os.path.basename(self.address), tempaddress)
         util.rename(tempaddress, self.baseaddress)
 
     def _reloadconfig(self, signum, frame):