Skip to content

Remove ENABLE_PATH_CHECK workaround #490

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tianon merged 1 commit into from
Feb 14, 2025
Merged

Remove ENABLE_PATH_CHECK workaround #490

tianon merged 1 commit into from
Feb 14, 2025

Conversation

@Earlopain
Copy link
Contributor

@Earlopain Earlopain commented Dec 19, 2024

Since Ruby 2.7, this warning is not emitted anymore It was removed as part of https://bugs.ruby-lang.org/issues/16131

Here's the output of running ENV['PATH'] against various ruby versions, when $PATH contains a world-writable folder:

===============1.8.7-p374================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
===============1.9.3-p551================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
===============2.0.0-p648================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
=================2.1.10==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
=================2.2.10==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
==================2.3.8==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
=================2.4.10==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
==================2.5.9==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
=================2.6.10==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
==================2.7.8==================
==================3.0.7==================
==================3.1.6==================
==================3.2.6==================
==================3.3.6==================
================3.4.0-rc1================

@Earlopain Earlopain marked this pull request as draft December 20, 2024 07:37
@Earlopain
Copy link
Contributor Author

Earlopain commented Dec 20, 2024

https://bugs.ruby-lang.org/issues/20971

@Earlopain
Remove ENABLE_PATH_CHECK workaround
c12fe5b 
Since Ruby 2.7, this warning is not emitted anymore
It was removed as part of https://bugs.ruby-lang.org/issues/16131

Here's the output of running `ENV['PATH']` against various ruby versions,
when `$PATH` contains a world-writable folder:

```
===============1.8.7-p374================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
===============1.9.3-p551================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
===============2.0.0-p648================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
=================2.1.10==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
=================2.2.10==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
==================2.3.8==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
=================2.4.10==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
==================2.5.9==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
=================2.6.10==================
-e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757
==================2.7.8==================
==================3.0.7==================
==================3.1.6==================
==================3.2.6==================
==================3.3.6==================
================3.4.0-rc1================
```

In https://bugs.ruby-lang.org/issues/20971, it was OKed to officially deprecate
since not emitting this was unintentional at the time
@Earlopain Earlopain force-pushed the remove-path-check-workaround branch from 4be7bd8 to c12fe5b Compare February 14, 2025 09:37
@Earlopain Earlopain marked this pull request as ready for review February 14, 2025 09:39
@Earlopain
Copy link
Contributor Author

Earlopain commented Feb 14, 2025

This is ready now. It was decided in the last developer meeting that omitting this warning is now intentional, even if it was by accident initially (see issue linked above)

tianon
tianon approved these changes Feb 14, 2025
View reviewed changes
Copy link
Member

@tianon tianon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, thanks for pushing this! Hopefully ruby/ruby#12542 gets merged (soon?), but I've verified it's unused and https://bugs.ruby-lang.org/issues/20971#note-12 does seem pretty conclusive. 😄

@tianon tianon merged commit 02bc038 into docker-library:master Feb 14, 2025
26 checks passed
docker-library-bot added a commit to docker-library-bot/official-images that referenced this pull request Feb 15, 2025
@docker-library-bot
Update ruby
5d23158 
Changes:

- docker-library/ruby@b8c4907: Update 3.4 to 3.4.2
- docker-library/ruby@02bc038: Merge pull request docker-library/ruby#490 from Earlopain/remove-path-check-workaround
- docker-library/ruby@c12fe5b: Remove `ENABLE_PATH_CHECK` workaround
@tianon tianon mentioned this pull request Feb 15, 2025
Merged
@Earlopain Earlopain deleted the remove-path-check-workaround branch February 15, 2025 11:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tianon tianon tianon approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Earlopain @tianon