OS X Catalina getting zsh compinit: insecure directories, run compaudit for list.

[fg78nc]

OS X Catalina

1. Downloaded bosh-complete-darwin
2. chmod +x bosh-complete-darwin
3. eval "$(./bosh-complete zsh-source)"

Getting:

zsh compinit: insecure directories, run compaudit for list.
Ignore insecure directories and continue [y] or abort compinit [n]?

run compaudit and tried to chown of listed directories, but it did not help.

Would appreciate your assistance.

[thomasmitchell]

Is bosh-complete writable by other users? It may be complaining that somebody else on the system could theoretically replace your completion target and cause you to run arbitrary code under your user.

[fg78nc]

It is writable by my regular OS user and in group staff

-rwxr-xr-x@ 1 fg staff 10101452 Feb 22 12:49 bosh-complete

[thomasmitchell]

what about other things that compaudit is complaining about?

[fg78nc]

compaudit complains about /usr/local/share directory only

[thomasmitchell]

and is that writable to non-root users that aren't you?

[fg78nc]

It is not. I encountered this problem only after adding eval for bosh completion executable to zshrc

…

On Sun, Feb 23, 2020 at 8:59 AM Thomas Mitchell ***@***.***> wrote: and is that writable to non-root users that aren't you? — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#4?email_source=notifications&email_token=AEOCGNBNG4B433ZPAMGFO7LREJ6K3A5CNFSM4KZTPV4KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEMV4OHI#issuecomment-590071581>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AEOCGNAWMGTVO3HBZGXKGULREJ6K3ANCNFSM4KZTPV4A> .