- Require all requests to use a session path.
- Use a redirect file to avoid exposing the '/start' URL on the
command line, as it contains the cookie value.
Fix for CVE-2014-2914.
Closes #1438.
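A sketch of the two mitigations named in the CVE-2014-2914 commit message above, added here as an illustration and not fish's own code. The token format, the function names, the port, and the choice to carry the secret as the first path segment are all assumptions.

```python
import hmac
import os
import secrets
import tempfile
from html import escape


def new_session_token() -> str:
    """Unguessable per-run token used as the first URL path segment."""
    return secrets.token_hex(16)


def is_authorized(request_path: str, token: str) -> bool:
    """Accept a request only if its first path segment is the session token."""
    first = request_path.lstrip("/").split("/", 1)[0]
    # Constant-time comparison so response timing does not leak the token.
    return hmac.compare_digest(first.encode(), token.encode())


def write_redirect_file(url: str) -> str:
    """Write an HTML file that redirects to url and return the file's path.

    mkstemp creates the file with mode 0600, so other local users cannot
    read the secret URL stored inside it.
    """
    fd, path = tempfile.mkstemp(prefix="web_config_", suffix=".html")
    with os.fdopen(fd, "w") as f:
        f.write('<!DOCTYPE html><meta http-equiv="refresh" '
                f'content="0; url={escape(url, quote=True)}">\n')
    return path


def browser_argument(port: int, token: str) -> str:
    """Build what goes on the browser command line: a file:// URL only.

    The secret URL lives inside the redirect file, so it never shows up
    in the process list of a multi-user machine.
    """
    secret_url = f"http://localhost:{port}/{token}/"
    return "file://" + write_redirect_file(secret_url)
```

The server side would call `is_authorized` on every request before dispatching, and the launcher would pass only the value of `browser_argument` to the browser.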
Currently fish doesn't recognize toor as special. However, it's likely
that on BSD systems, fish shell will be used on toor, not on root (toor
is an intentionally existing account to use a more advanced shell on, like
shell).
This stops unconditionally setting values for HOME and USER,
if we find those values in the environment. It also saves about 16KB
on OS X, which getpwuid allocates.
Instead of introducing a new local scope at the point of `set`, merely
push a new local scope at the end of env_init(). This means we have a
single toplevel local scope across the lifetime of the fish process,
which means that
    set -l foo bar
    echo $foo
behaves as expected, without modifying the global environment.
The mode restricts the scope in which the variable is searched for.
Use this new restricted scope functionality in the `set` builtin. This
fixes `set -g` to not show local shadowing variable values, and also
allows for scoped erasing of slices.
When attempting to set a readonly or electric variable in the local or
universal scopes, print an appropriate error. Similarly, print an error
when setting an electric variable as exported. In most cases this is
simply a nicer error instead of the 'read-only' one, but for the 'umask'
variable it prevents `set -l umask 0023` from silently changing the
global value.
They're dynamically calculated, so they qualify. This also removes them
from the list of exported global variables, because they're actually not
exported.
When using the `set` command with the -l flag, if we're at the top
level, create a temporary local scope. This makes query/assignment
behavior be consistent with the value-printing behavior.
This works by marking the current block as needing to pop the
environment if a local scope was pushed. I assume this is safe to do. I
also assume the current block is the right one to modify, rather than
trying to walk up the stack to the root.
env_exists() wasn't properly handling multiple scopes in some cases,
notably with readonly/electric variables. Rewrite it to operate in a
more straightforward fashion.
When initializing fish, ignore any inherited environment variables that
match any of the readonly or electric variable names.
This prevents really weird behavior when e.g. fish is launched with
COLUMNS already set to something. In that case, testing $COLUMNS within
fish behaves normally, but any subprocesses get the value that fish
itself had inherited.