Re: The patch-exec branch

From: Greg Stein <gstein_at_gmail.com>
Date: Sat, 1 Aug 2015 02:24:01 -0500

On Fri, Jul 31, 2015 at 6:36 PM, Daniel Shahaf <d.s_at_daniel.shahaf.name>
wrote:
>...

> Two questions:
>
> - When one side of the diff is in the OS filesystem, do we still fold
> its value to 644/755 for output?
>
> - If yes, how do we choose between 644 and 755? (e.g., do we use
> "x & 0111 == 0111", or "x & 0100 == 0100", or access(X_OK), or …)
>
> My answer to the first question is "yes", as discussed above.
>

Whatever the answer, I don't think the client should _ever_ set group/world
*write* [directed by the "server"]. Maybe not execute, too. That just
screams for creating a point of abuse. (maybe umask applies, but I'd prefer
to ignore that; we're getting perm bits from (potentially) an untrusted
server)

Cheers,
-g
Received on 2015-08-01 09:24:13 CEST

This message: [ Message body ]
Next message: Branko Čibej: "Re: The patch-exec branch"
Previous message: Daniel Shahaf: "False positive "out of date" (SVN_ERR_FS_CONFLICT) with httpv1 and ra_serf"
In reply to: Daniel Shahaf: "Re: The patch-exec branch"
Next in thread: Branko Čibej: "Re: The patch-exec branch"
Reply: Branko Čibej: "Re: The patch-exec branch"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]