Re: permissions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Jun 9, 2010, at 12:20 AM, Alex Riesen wrote:

On Wed, Jun 9, 2010 at 00:27, William Pursell <bill.pursell@xxxxxxxxx> wrote:
Junio C Hamano wrote:
Alex Riesen <raa.lkml@xxxxxxxxx> writes:

On Tue, Jun 8, 2010 at 12:25, William Pursell <bill.pursell@xxxxxxxxx > wrote:
Here's a patch.  This doesn't address the issue of a damaged
repository, but just catches access errors and permissions.
The change looks fishy.

The patch moves the function is_git_directory at the level of user
interface where it wasn't before: it now complains and die.
Not all callers of the function call it only to die if it fails.

Thanks for shooting it down before I had to look at it ;-)

The point of the patch is that it now complains and dies.

At wrong point. Points, actually. There are many callers of the
function you modified. You should have looked at them all.

Should the other functions not fail in this case? Looking at the uses 3 in setup.c and not exported for use in other code. Only once case looked like it could cause an issue would be if the file did not exist, and he excluded that case, lines 408 and 409 of setup.c Where the environment variable is passed into the function.

Well that's a good question, William made a valid assumption that if you were checking a directory that is suspected to be a git directory and it couldn't be read you should let the user know that something is funky. Now this looks like the right place for catching that access violation, but it looks like it night not the right place to report the error.....

So return another error code for catching it up stream. But, we can't because this function can be true many ways and false only one. This is where the shell convention that 0 is ok and errors are not 0 really shines, but doesn't work for the name of this function.



Perhaps I'm being obtuse, but can you describe a situation
in which this causes git to terminate inappropriately?

Maybe. BTW, can you? (if you try, I mean). But your questions
misses the point of my complaint about your patch:

And this point was not clearly explained on your part.... I had to read your complaint a few times to understand what you meant.

Something mentioned this way might have been more insightful.
The patch should pass error up to calling function and not terminate in the function.

And offer a suggestion of how you would prefer it to be implemented.

The patch makes the function you modified act not as one
can guess from its other uses. Imagine someone replaced
open(2) implementation to kill your program everytime you
tried to open /etc/passwd. How'd you like that?

Your analogy is subtly off.

Because if you tried to open /etc/passwd and could not open it for reading your application should fail. That works because open allows for the return of an error code, but is_git_directory does not, so patching at the level that will correctly detect this erroneous case is difficult to report upstream.

That alone is reason enough to dislike the change and put
you personally into a list of persons to be careful with (as
you don't seem to care about what happens with the code
after you changed it).

Honestly it is not, he was asking what he did wrong, and probably didn't follow your line of reasoning.

Steve
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]