compinit -U in /etc/zsh/zshrc is unfriendly to fpath users
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
zsh (Ubuntu) |
Fix Released
|
Medium
|
Tollef Fog Heen |
Bug Description
This bug report refers to the zsh in Hoary. I don't see where to indicate that
here. I haven't checked the breezy version, but I know I'm reporting a problem
that is not in the original debian package.
I run compinit with different arguments in files called from my own .zshrc. The
Ubuntu /etc/zsh/zshrc contains the lines
autoload -U compinit
compinit
which are not present in the original debian package. With this here, this
compinit call gets called before my compinit -C -D in my own configuration
files, which results in security warnings when I run as root (since I set fpath
to include directories in my home directory) and a .zcompdump file which causes
problems when sharing a home directory across systems that have different
versions of zsh.
I believe that a call to compinit should not be in /etc/zsh/zshrc because users
should be able to call compinit with different arguments. As far as I can tell,
there is no way around this without losing the rest of /etc/zsh/zshrc (by
setting GLOBAL_RCS as needed to disable this from .zshenv).
Please consider removing these lines, leaving zshrc as in the debian package.
Alternatively, please explain why this is a good idea to have as it is. :-)
Related branches
CVE References
Changed in zsh: | |
assignee: | nobody → tfheen |
status: | Unconfirmed → Confirmed |
The completion system is one of the premiere features of zsh, and we would like
to have it enabled by default for new users. If you know of a way to support
this use case, without interfering with configurations such as yours, I see no
problem adapting it.