1. aragost Trifork
  2. Untitled project
  3. projrc

Commits

Angel Ezquerra  committed 349dac0

Do not transfer the projrc settings by default

This makes it impossible for a rogue admin to override a user's global projrc
settings (such as the default include and exclude lists), which has serious
safety implications.

  • Participants
  • Parent commits 705cc5b
  • Branches default

Comments (0)

Files changed (1)

File projrc.py

View file
     includedkeys = parsekeylist(configlist)
 
     configlist = ui.configlist('projrc', 'exclude')
+    # By default we exclude all projrc related settings
+    # This makes it impossible for a rogue admin to modify the projrc settings
+    # (such as the include and exclude lists), which has serious safety implications
+    configlist += ['projrc.*']
     excludedkeys = parsekeylist(configlist)
 
     return includedkeys, excludedkeys