From 8c21ede9d20777f387c97814dc227e33fdb94318 Mon Sep 17 00:00:00 2001
From: Juliusz Chroboczek
Date: Thu, 28 Oct 2021 20:01:11 +0200
Subject: [PATCH] Don't allow group names to start with a period.

---
 README.PROTOCOL | 4 ++--
 group/group.go | 5 +++++
 webserver/webserver.go | 4 ++++
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/README.PROTOCOL b/README.PROTOCOL
index a0475af..3fc00ed 100644
--- a/README.PROTOCOL
+++ b/README.PROTOCOL
@@ -24,8 +24,8 @@ message types.
 ### Group
 
 A group is a set of clients. It is identified by a human-readable name
-that must not start or end with a slash "`/`" and must not have the
-substrings "`/../`" or "`/./`".
+that must not start or end with a slash "`/`", must not start with
+a period "`.`", and must not contain the substrings "`/../`" or "`/./`".
 
 ### Client
 
diff --git a/group/group.go b/group/group.go
index bebb6ce..831b2fd 100644
--- a/group/group.go
+++ b/group/group.go
@@ -1085,6 +1085,11 @@ func Update() {
 )
 return nil
 }
+ base := filepath.Base(filename)
+ if base[0] == '.' {
+ log.Printf("Group file %v ignored", filename)
+ return nil
+ }
 name := filename[:len(filename)-5]
 desc, err := GetDescription(name)
 if err != nil {
diff --git a/webserver/webserver.go b/webserver/webserver.go
index 91e8189..a263010 100644
--- a/webserver/webserver.go
+++ b/webserver/webserver.go
@@ -262,6 +262,10 @@ func parseGroupName(prefix string, p string) string {
 return ""
 }
 
+ if name[0] == '.' {
+ return ""
+ }
+
 if filepath.Separator != '/' &&
 strings.ContainsRune(name, filepath.Separator) {
 return ""
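Review bot: The two added checks test different things, so a name can pass one and fail the other: in `group/group.go` `base[0] == '.'` looks only at the last path component of `filename`, while in `webserver/webserver.go` `name[0] == '.'` looks only at the first byte of the whole name. With constructed names, a file `.backup/room.json` would still be loaded by `Update` as a group whose name starts with a period, and `room/.draft` would be accepted by `parseGroupName` although `Update` skips that file. Rejecting every component that starts with a period in both places would make them agree and still satisfy the README.PROTOCOL rule, for example `if name[0] == '.' || strings.Contains(name, "/.") {` in `parseGroupName` and the equivalent test on the slash-separated form of `filename` in `Update`. Both function bodies begin and end outside their hunks, so this assumes `filename` is relative to the groups directory and that the empty-name case is handled by the `return ""` just above the new check.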