-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"/keybase bin is not a Keybase folder" / "bin is not a Keybase user" #3221
Comments
Hi @stephenyeargin -- those notifications happen when something on your device tries to look up a file in a Keybase directory that has only a pre-defined set of entries. In this case, something is looking up the file "bin" in Frankly, it seems like you have something configured to look for a |
@strib Yeah, I likely have a little bit of that going on.
Probably the |
It's boxen's fault. Without that loaded: $ echo $PATH
/Users/stephen/.composer/vendor/bin:/Users/stephen/node_modules/.bin:/usr/local/share/pear:/usr/local/sbin:/usr/local/bin:/usr/bin:/Applications/VirtualBox.app/Contents/MacOS:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/X11/bin With it loaded: $ echo $PATH
bin:/opt/boxen/rbenv/shims:/opt/boxen/rbenv/bin:/opt/boxen/ruby-build/bin:/opt/boxen/phantomenv/shims:/opt/boxen/phantomenv/bin:/opt/boxen/nodenv/shims:/opt/boxen/nodenv/bin:/opt/boxen/node-build/bin:/usr/local/bin:/usr/local/sbin:/opt/boxen/bin:/Users/stephen/.composer/vendor/bin:/Users/stephen/node_modules/.bin:/usr/local/share/pear:/usr/local/sbin:/usr/local/bin:/usr/bin:/Applications/VirtualBox.app/Contents/MacOS:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/X11/bin Now to figure out why they do that. |
Wow. That's shocking. It's not at all safe to use KBFS in this configuration. Someone could hijack your machine by getting you to cd into their public directory (containing a |
Keybase, Dropbox, GDrive, or anything else that gets supposedly read-only files onto your computer (say, unzipping an archive and cd'ing around in it). |
They say knowledge is power. 😁 Some times it's just terrifying. For anyone else that comes across it, you should immediately add this line to your Boxen repository into the # Don't append relative bin on path.
"boxen::environment::relative_bin_on_path": false As for the Keybase client, perhaps a warning if relative paths have been included in |
Keybase GUI Version: 1.0.16-20160624110018+8ca7e60
Shortly after the install process completed and messing around in the file system, I began receiving these notifications.
Reproduction steps:
cd /keybase/private/stephenyeargin,stevenryoung
from a demo pagecd /keybase/private/stephenyeargin
because I was curiouscd ..
because I was curiousrm -fr stephenyeargin
because I was curiousls -l
because I was curiousLog ID: 8599d96fc55e5935e6d7281c
The text was updated successfully, but these errors were encountered: