Disable write to whole user home

bibendi · Jun 7, 2017 · a8630e7 · a8630e7
1 parent e32353b
commit a8630e7
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 9 deletions.
diff --git a/lib/bundler.rb b/lib/bundler.rb
@@ -146,22 +146,25 @@ def ruby_scope
 
     def user_home
       @user_home ||= begin
-        home = Bundler.rubygems.user_home
-
-        warning = if home.nil?
-          "Your home directory is not set."
-        elsif !File.directory?(home)
-          "`#{home}` is not a directory."
-        elsif !File.writable?(home)
-          "`#{home}` is not writable."
+        if (home = Bundler.rubygems.user_home)
+          home_path = Pathname.new(home)
+
+          warning = if !home_path.directory?
+            "`#{home}` is not a directory."
+          elsif !home_path.writable?
+            bundle_path = home_path.join(".bundle")
+            "`#{home}` is not writable." unless bundle_path.directory? && bundle_path.writable?
+          end
+        else
+          warning = "Your home directory is not set."
         end
 
         if warning
           user_home = tmp_home_path(Etc.getlogin, warning)
           Bundler.ui.warn "#{warning}\nBundler will use `#{user_home}' as your home directory temporarily.\n"
           user_home
         else
-          Pathname.new(home)
+          home_path
         end
       end
     end

diff --git a/lib/bundler/fetcher/compact_index.rb b/lib/bundler/fetcher/compact_index.rb
@@ -63,6 +63,7 @@ def fetch_spec(spec)
       def available?
         return nil unless md5_available?
         user_home = Bundler.user_home
+        # FIXME: We need to check not a user home.
         return nil unless user_home.directory? && user_home.writable?
         # Read info file checksums out of /versions, so we can know if gems are up to date
         fetch_uri.scheme != "file" && compact_index_client.update_and_parse_checksums!