On Mon, 2011-12-12 at 13:24 -0700, Ken Dreyer wrote: > On Mon, Dec 12, 2011 at 1:21 PM, Bruno Wolff III <bruno@xxxxxxxx> wrote: > > On Mon, Dec 12, 2011 at 15:21:11 -0500, > > Stephen Gallagher <sgallagh@xxxxxxxxxx> wrote: > >> > >> Of course, a whitelist might be a better idea. Maybe we only > >> allow .tar.gz, .tar.bz2 and .zip to be uploaded this way and make > >> additional exceptions as they arise. > > > > .tgz is another common extension. > > Yeah, a whitelist could get tedious quickly. I was just thinking of > blacklisting stuff like .rpm and .patch. throw tar.xz on the list. In general it seems like we come up with a new compression format every few years (gzip, bzip2, lzma, xz...), and so many exceptions have been suggested here, that it does seem like a whitelist is a bad idea. If anything, given that the point of the lookaside cache as I understand it is that git doesn't really handle large binaries very well, it might make more sense to go with a size threshold than a file type or extension list. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
