[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: The patch-exec branch

From: Branko Čibej <brane_at_wandisco.com>
Date: Sat, 01 Aug 2015 09:43:25 +0200

On 01.08.2015 09:24, Greg Stein wrote:
> On Fri, Jul 31, 2015 at 6:36 PM, Daniel Shahaf <d.s_at_daniel.shahaf.name
> <mailto:d.s_at_daniel.shahaf.name>> wrote:
> >...
> Two questions:
> - When one side of the diff is in the OS filesystem, do we still fold
> its value to 644/755 for output?
> - If yes, how do we choose between 644 and 755? (e.g., do we use
> "x & 0111 == 0111", or "x & 0100 == 0100", or access(X_OK), or …)
> My answer to the first question is "yes", as discussed above.
> Whatever the answer, I don't think the client should _ever_ set
> group/world *write* [directed by the "server"]. Maybe not execute,
> too. That just screams for creating a point of abuse. (maybe umask
> applies, but I'd prefer to ignore that; we're getting perm bits from
> (potentially) an untrusted server)

We have io_set_file_perms in libsvn_subr/io.c which we should be using
here. Currently it tries to set all executable bits (user, group and
world) but only the user-write bit for readonly/writable transitions. I
don't recall offhand if apr_file_perms_set filters by umask or not.

And FWIW, we should ignore the read-write perms from Git diffs and only
(try to) tweak the executable bit. Having a read-only versioned file in
our working copy that doesn't also have the svn:needs-lock property will
likely cause all sorts of problems.

-- Brane
Received on 2015-08-01 09:44:30 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.