On 05.10.2017 19:12, Daniel Shahaf wrote:
> Branko Čibej wrote on Thu, 05 Oct 2017 18:44 +0200:
>> On 05.10.2017 16:46, Julian Foad wrote:
>>> Calculation of a directory's hash would have to happen for each
>>> directory where the user has mixed access to the immediate children,
>>> and for all parents of such a directory up to the root.
>> And /that/ is the painful part: the fact that you need a depth-first
>> traversal of the tree in order to calculate the hash for the root
>> directory. And the reason why we're not exposing the directory hash,
>> even if the FS stores it.
> What if we only returned a checksum for nodes to which the user had full
> recursive access? E.g., with "[/A/B] *=", the caller would be able to retrieve
> checksums for /A/C, /A/D, /A/mu, and /A's property hash, and for descendants
> of the first two, but that's it.
That would leak permission settings. A user would know that she only
sees a partial directory merely by checking for the presence of the
directory checksum.
-- Brane
Received on 2017-10-05 19:29:23 CEST