From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: 惠轶群 <huiyiqun@gmail.com>, "Git List" <git@vger.kernel.org>,
"Your friend" <pickfire@riseup.net>
Subject: Re: [PATCH v3/GSoC 2/5] path.c: implement xdg_runtime_dir()
Date: Fri, 25 Mar 2016 11:00:13 -0700 [thread overview]
Message-ID: <xmqq4mbu4evm.fsf@gitster.mtv.corp.google.com> (raw)
In-Reply-To: <20160325175510.GA10563@sigill.intra.peff.net> (Jeff King's message of "Fri, 25 Mar 2016 13:55:10 -0400")
Jeff King <peff@peff.net> writes:
>> > That's clearer, but if I were the caller, I would worry about the
>> > security of the path.
>> > How about adding:
>> >
>> > The security of the path is ensured by file permission.
>>
>> Is "by file permission" descriptive enough?
>>
>> To protect /a/b/c/socket, what filesystem entities have the right
>> permission bits set? If the parent directory is writable by an
>> attacker, the permission bits on 'socket' itself may not matter as
>> the attacker can rename it away and create new one herself, for
>> example.
>
> I think that is discussed elsewhere, and referring to the xdg document
> is enough. My main point is that the docstring about a function should
> tell a potential caller what they need to know to use it, but if it gets
> overly long, that information is lost in the noise.
I agree with your main point, and I was wondering if "by file
permission" is merely adding yet another noise if there is
discussion elsewhere already, and/or if it does not refer to an
external document that has a fuller discussion, because it lacks any
useful information by itself.
next prev parent reply other threads:[~2016-03-25 18:00 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-23 10:13 [PATCH v3/GSoC 1/5] path.c: implement strbuf_mkpath() Hui Yiqun
2016-03-23 10:13 ` [PATCH v3/GSoC 2/5] path.c: implement xdg_runtime_dir() Hui Yiqun
2016-03-25 9:59 ` Jeff King
2016-03-25 14:21 ` 惠轶群
2016-03-25 14:23 ` 惠轶群
2016-03-25 16:55 ` Junio C Hamano
2016-03-25 17:55 ` Jeff King
2016-03-25 18:00 ` Junio C Hamano [this message]
2016-03-28 13:37 ` 惠轶群
2016-03-28 14:35 ` Junio C Hamano
2016-03-25 17:59 ` Jeff King
2016-03-28 14:12 ` 惠轶群
2016-03-28 14:50 ` Junio C Hamano
2016-03-28 15:00 ` 惠轶群
2016-03-28 17:03 ` Junio C Hamano
2016-03-28 15:51 ` [PATCH] path.c enter_repo(): fix unproper strbuf unwrapping and memory leakage Hui Yiqun
2016-03-28 15:56 ` [PATCH v2] " Hui Yiqun
2016-03-28 17:55 ` Jeff King
2016-03-29 2:40 ` 惠轶群
2016-03-28 15:57 ` [PATCH v3] " Hui Yiqun
2016-03-28 15:59 ` 惠轶群
2016-03-28 17:58 ` Junio C Hamano
2016-03-29 2:38 ` 惠轶群
2016-03-23 10:13 ` [PATCH v3/GSoC 3/5] git-credential-cache: put socket to xdg-compatible path Hui Yiqun
2016-03-25 10:00 ` Jeff King
2016-03-25 14:28 ` 惠轶群
2016-03-25 17:56 ` Jeff King
2016-03-25 18:00 ` 惠轶群
2016-03-23 10:13 ` [PATCH v3/GSoC 4/5] test-lib.sh: unset all environment variables defined in xdg base dir spec[1] Hui Yiqun
2016-03-25 10:05 ` Jeff King
2016-03-23 10:13 ` [PATCH v3/GSoC 5/5] t0301: test credential-cache support of XDG_RUNTIME_DIR Hui Yiqun
2016-03-25 7:13 ` [PATCH v3/GSoC 1/5] path.c: implement strbuf_mkpath() 惠轶群
2016-03-25 9:51 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq4mbu4evm.fsf@gitster.mtv.corp.google.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=huiyiqun@gmail.com \
--cc=peff@peff.net \
--cc=pickfire@riseup.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.