On 01.08.2015 09:24, Greg Stein wrote:
> On Fri, Jul 31, 2015 at 6:36 PM, Daniel Shahaf <d.s_at_daniel.shahaf.name> wrote:
> >...
>
> Two questions:
>
> - When one side of the diff is in the OS filesystem, do we still fold
> its value to 644/755 for output?
>
> - If yes, how do we choose between 644 and 755? (e.g., do we use
> "x & 0111 == 0111", or "x & 0100 == 0100", or access(X_OK), or …)
>
> My answer to the first question is "yes", as discussed above.
>
>
> Whatever the answer, I don't think the client should _ever_ set
> group/world *write* [directed by the "server"]. Maybe not execute,
> too. That just screams for creating a point of abuse. (maybe umask
> applies, but I'd prefer to ignore that; we're getting perm bits from
> (potentially) an untrusted server)

We have io_set_file_perms in libsvn_subr/io.c which we should be using
here. Currently it tries to set all executable bits (user, group and
world) but only the user-write bit for readonly/writable transitions. I
don't recall offhand if apr_file_perms_set filters by umask or not.

And FWIW, we should ignore the read-write perms from Git diffs and only
(try to) tweak the executable bit. Having a read-only versioned file in
our working copy that doesn't also have the svn:needs-lock property will
likely cause all sorts of problems.

-- Brane
Received on 2015-08-01 09:44:30 CEST
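
The policy discussed in this thread, as an added example that is not part of the original messages and is not Subversion code: take only the executable bit from an untrusted git-diff mode line, fold to 644/755 for output, and leave the read/write bits of the file on disk alone. The helper names are hypothetical; using the "x & 0100" test and granting execute only where read is already granted are assumptions of this sketch.

```c
/* Added example; not Subversion code. Helper names are hypothetical. */
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

/* Parse a git extended header such as "new mode 100755". Returns 1 and sets
   *exec_out for a regular-file mode; 0 for anything else (other header,
   malformed number, symlink or gitlink mode). */
int parse_git_mode_line(const char *line, int *exec_out)
{
    static const char *const prefixes[] = { "new mode ", "new file mode " };
    size_t i;
    for (i = 0; i < sizeof prefixes / sizeof prefixes[0]; i++) {
        size_t n = strlen(prefixes[i]);
        char *end;
        unsigned long m;
        if (strncmp(line, prefixes[i], n) != 0)
            continue;
        if (line[n] < '0' || line[n] > '7')      /* no sign, no whitespace */
            return 0;
        m = strtoul(line + n, &end, 8);
        if (*end != '\0' && *end != '\n')
            return 0;
        if ((m & 0170000UL) != 0100000UL)        /* regular files only */
            return 0;
        *exec_out = (m & 0100UL) != 0;           /* the "x & 0100" test */
        return 1;
    }
    return 0;
}

/* Fold to the two values used for diff output. */
unsigned fold_mode(int executable) { return executable ? 0755 : 0644; }

/* Mode to apply on disk: r/w bits come from the existing file, never from
   the patch; execute is granted only where read is already granted. */
mode_t apply_exec_bit(mode_t current, int executable)
{
    mode_t m = current & ~(mode_t)0111;
    if (executable)
        m |= (current & 0444) >> 2;
    return m;
}

/* Returns the mode to apply, or -1 when the line must be ignored. */
long mode_for_line(const char *line, mode_t current)
{
    int exec;
    return parse_git_mode_line(line, &exec)
           ? (long)apply_exec_bit(current, exec) : -1;
}
```

With these rules a patch line of "new mode 100777" applied to a 0644 file yields 0755: the group/world write bits in the patch never reach the working copy.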