config: add unsafe-accounts-conf option
This adds the option "unsafe-accounts-conf" under the section [general] of aerc.conf. This allows an user to specify if the accounts.conf file must be restrict to be read by the file owner (0600). By default it is set to "false". Signed-off-by: Victor Freire <victor@freire.dev.br> Acked-by: Robin Jarry <robin@jarry.cc>
This commit is contained in:
parent
f21916ce0a
commit
8db09d2c73
3 changed files with 32 additions and 6 deletions
|
@ -1,6 +1,16 @@
|
|||
#
|
||||
# aerc main configuration
|
||||
|
||||
[general]
|
||||
#
|
||||
# By default, the file permissions of accounts.conf must be restrictive and
|
||||
# only allow reading by the file owner (0600). Set this option to true to
|
||||
# ignore this permission check. Use this with care as it may expose your
|
||||
# credentials.
|
||||
#
|
||||
# Default: false
|
||||
unsafe-accounts-conf=false
|
||||
|
||||
[ui]
|
||||
#
|
||||
# Describes the format for each row in a mailbox view. This field is compatible
|
||||
|
|
|
@ -26,7 +26,8 @@ import (
|
|||
)
|
||||
|
||||
type GeneralConfig struct {
|
||||
DefaultSavePath string `ini:"default-save-path"`
|
||||
DefaultSavePath string `ini:"default-save-path"`
|
||||
UnsafeAccountsConf bool `ini:"unsafe-accounts-conf"`
|
||||
}
|
||||
|
||||
type UIConfig struct {
|
||||
|
@ -583,11 +584,7 @@ func LoadConfigFromFile(root *string, logger *log.Logger) (*AercConfig, error) {
|
|||
_root := path.Join(xdg.ConfigHome(), "aerc")
|
||||
root = &_root
|
||||
}
|
||||
filename := path.Join(*root, "accounts.conf")
|
||||
if err := checkConfigPerms(filename); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
filename = path.Join(*root, "aerc.conf")
|
||||
filename := path.Join(*root, "aerc.conf")
|
||||
|
||||
// if it doesn't exist copy over the template, then load
|
||||
if _, err := os.Stat(filename); errors.Is(err, os.ErrNotExist) {
|
||||
|
@ -620,6 +617,10 @@ func LoadConfigFromFile(root *string, logger *log.Logger) (*AercConfig, error) {
|
|||
|
||||
Ini: file,
|
||||
|
||||
General: GeneralConfig{
|
||||
UnsafeAccountsConf: false,
|
||||
},
|
||||
|
||||
Ui: UIConfig{
|
||||
IndexFormat: "%D %-17.17n %s",
|
||||
TimestampFormat: "2006-01-02 03:04 PM",
|
||||
|
@ -705,6 +706,13 @@ func LoadConfigFromFile(root *string, logger *log.Logger) (*AercConfig, error) {
|
|||
}
|
||||
}
|
||||
|
||||
filename = path.Join(*root, "accounts.conf")
|
||||
if !config.General.UnsafeAccountsConf {
|
||||
if err := checkConfigPerms(filename); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
accountsPath := path.Join(*root, "accounts.conf")
|
||||
if accounts, err := loadAccountConfig(accountsPath); err != nil {
|
||||
return nil, err
|
||||
|
|
|
@ -30,6 +30,14 @@ These options are configured in the *[general]* section of aerc.conf.
|
|||
*default-save-path*
|
||||
Used as a default path for save operations if no other path is specified.
|
||||
|
||||
*unsafe-accounts-conf*
|
||||
By default, the file permissions of accounts.conf must be restrictive
|
||||
and only allow reading by the file owner (_0600_). Set this option to
|
||||
*true* to ignore this permission check. Use this with care as it may
|
||||
expose your credentials.
|
||||
|
||||
Default: false
|
||||
|
||||
## UI OPTIONS
|
||||
|
||||
These options are configured in the *[ui]* section of aerc.conf.
|
||||
|
|
Loading…
Reference in a new issue