[racket-dev] [plt] Push #27864: master branch updated
I left the other commit in place so that even if users customize
download? and install? the command-line tool will continue to work.
Jay
On Wed, Nov 27, 2013 at 7:23 PM, <jay at racket-lang.org> wrote:
> jay has updated `master' from c980182b6b to 1741e1b0d1.
> http://git.racket-lang.org/plt/c980182b6b..1741e1b0d1
>
> =====[ 2 Commits ]======================================================
> Directory summary:
> 44.7% pkgs/planet-pkgs/planet-doc/planet/
> 55.2% racket/collects/planet/private/
>
> ~~~~~~~~~~
>
> 680b6f4 Jay McCarthy <jay at racket-lang.org> 2013-11-27 19:09
> :
> | Revert "Remove arbitrary code execution exploit from Racket and DrRacket"
> |
> | This reverts commit cf1755fc173cef39c3c4592011623269735084c0.
> :
> M racket/collects/planet/private/resolver.rkt | 8 ++++----
>
> ~~~~~~~~~~
>
> 1741e1b Jay McCarthy <jay at racket-lang.org> 2013-11-27 19:22
> :
> | Explain how to control whether Planet auto-installation is enabled
> :
> M pkgs/planet-pkgs/planet-doc/planet/planet.scrbl | 10 ++++++++++
>
> =====[ Overall Diff ]===================================================
>
> pkgs/planet-pkgs/planet-doc/planet/planet.scrbl
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> --- OLD/pkgs/planet-pkgs/planet-doc/planet/planet.scrbl
> +++ NEW/pkgs/planet-pkgs/planet-doc/planet/planet.scrbl
> @@ -8,6 +8,7 @@
> planet/util
> planet/version
> planet/syntax
> + planet/resolver
> planet/scribble)
> scribble/bnf)
>
> @@ -160,6 +161,15 @@ Once that is complete, PLaneT will use that version of the
> package for any subsequent @racket[require]s and won't try
> to use the network.
>
> +If you wish to ensure that PLaneT won't use the network even if your
> +operating system allows it, you can use the @racket[download?]
> +parameter of the @racketmodname[planet/resolver] module to control
> +whether it attempts to download files. Similarly, you can use the
> + at racket[install?] parameter to prevent installation. Finally, you can
> +block access at the operating system level to the path returned by
> + at racket[(PLANET-BASE-DIR)] to control which operating system users can
> +install PLaneT packages.
> +
> @subsection{Fine-Grained Control Over Package Imports}
>
> The PLaneT client is designed to balance two competing goals:
>
> racket/collects/planet/private/resolver.rkt
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> --- OLD/racket/collects/planet/private/resolver.rkt
> +++ NEW/racket/collects/planet/private/resolver.rkt
> @@ -219,9 +219,9 @@ See the scribble documentation on the planet/resolver module.
> (struct-out exn:fail:planet))
>
> ;; if #f, will not install packages and instead raise a exn:fail:install? error
> -(define install? (make-parameter #f))
> +(define install? (make-parameter #t))
> ;; if #f, will not download packages and instead raise a exn:fail:install? error
> -(define download? (make-parameter #f))
> +(define download? (make-parameter #t))
> (define-struct (exn:fail:planet exn:fail) ())
>
> ;; update doc index only once for a set of installs:
> @@ -541,7 +541,7 @@ See the scribble documentation on the planet/resolver module.
> (unless (download?)
> (raise (make-exn:fail:planet
> (format
> - "PLaneT error: cannot download package ~s without permission. Give permission with download? parameter or use 'raco planet install'"
> + "PLaneT error: cannot download package ~s since the download? parameter is set to #f"
> (list (car (pkg-spec-path pkg)) (pkg-spec-name pkg)))
> (current-continuation-marks))))
> ((if (USE-HTTP-DOWNLOADS?) download-package/http download-package/planet)
> @@ -577,7 +577,7 @@ See the scribble documentation on the planet/resolver module.
> (unless (install?)
> (raise (make-exn:fail:planet
> (format
> - "PLaneT error: cannot install package ~s without permission. Give permission with download? parameter or use 'raco planet install'"
> + "PLaneT error: cannot install package ~s since the install? parameter is set to #f"
> (list (car pkg-path) pkg-name maj min))
> (current-continuation-marks))))
> (define owner (car pkg-path))
![[logo]](/logo.png){kind=logo}