forked from lix-project/lix
Don't allow untrusted users to set info.ultimate
Note that a trusted signature was still required in this case so it was not a huge deal.
This commit is contained in:
parent
6f245bf24a
commit
1a8e15053a
|
@ -621,6 +621,8 @@ static void performOp(ref<LocalStore> store, bool trusted, unsigned int clientVe
|
||||||
from >> info.ca >> repair >> dontCheckSigs;
|
from >> info.ca >> repair >> dontCheckSigs;
|
||||||
if (!trusted && dontCheckSigs)
|
if (!trusted && dontCheckSigs)
|
||||||
dontCheckSigs = false;
|
dontCheckSigs = false;
|
||||||
|
if (!trusted)
|
||||||
|
info.ultimate = false;
|
||||||
|
|
||||||
TeeSink tee(from);
|
TeeSink tee(from);
|
||||||
parseDump(tee, tee.source);
|
parseDump(tee, tee.source);
|
||||||
|
|
Loading…
Reference in a new issue