diff options
| author | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2025-01-14 11:26:25 +0900 |
|---|---|---|
| committer | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2025-01-14 11:26:25 +0900 |
| commit | d74e9ef71215b4e58d735b9377bcb02a1634c73a (patch) | |
| tree | 98d4c01185497609dfe09142eacf7af04694791e | |
| parent | 8891890bffb9aecae7444619479ae26d59302cf0 (diff) | |
CI: Make parents of PATH directories world-unwritable
| -rw-r--r-- | .github/actions/setup/directories/action.yml | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/.github/actions/setup/directories/action.yml b/.github/actions/setup/directories/action.yml index 72e37e921b..3e8dcdfc20 100644 --- a/.github/actions/setup/directories/action.yml +++ b/.github/actions/setup/directories/action.yml @@ -140,8 +140,15 @@ runs: run: | sudo chmod -R go-w /usr/share chmod -v go-w $HOME $HOME/.config || : - SAVE_IFS="$IFS" IFS=:; set $PATH; dirs=() IFS="$SAVE_IFS" - for d do [ ! -d "$d" ] || dirs+=("$d"); done + declare -a dirs # -A is not supported by old bash, e.g. macos + SAVE_IFS="$IFS" IFS=:; set $PATH + for d do + while [ -d "$d" ]; do + case "$IFS${dirs[*]}$IFS" in *"$IFS$d$IFS"*) ;; *) dirs+=("$d");; esac + d="${d%/*}" + done + done + IFS="$SAVE_IFS" sudo chmod -v go-w "${dirs[@]}" || : - if: inputs.dummy-files == 'true' |