From: Junio C Hamano <gitster@pobox.com>
To: Taylor Blau <me@ttaylorr.com>
Cc: git@vger.kernel.org, dstolee@microsoft.com, mhagger@alum.mit.edu,
peff@peff.net
Subject: Re: [PATCH 1/3] tempfile.c: introduce 'create_tempfile_mode'
Date: Mon, 20 Apr 2020 16:31:18 -0700 [thread overview]
Message-ID: <xmqq1rohrayh.fsf@gitster.c.googlers.com> (raw)
In-Reply-To: <aa86e8df403eef31295e6036f280995fa74cc3b4.1587422630.git.me@ttaylorr.com> (Taylor Blau's message of "Mon, 20 Apr 2020 16:51:03 -0600")
Taylor Blau <me@ttaylorr.com> writes:
> Arguably, all temporary files should have permission 0444, since they
> are likely to be renamed into place and then not written to again.
If the repository is not shared, it is more than likely that these
files ought to have permission narrower than that. As you'd be
concluding any file that you created and written to in $GIT_DIR/
with adjust_shared_perm(), I do not think it is a good idea to allow
callers to pass an arbitrary mode and let them expect the mode would
stick. Shoudln't we instead be passing "int read_only" and depending
on the boolean value, choosing between 0444 and 0666 in the function?
> Signed-off-by: Taylor Blau <me@ttaylorr.com>
> ---
> tempfile.c | 6 +++---
> tempfile.h | 7 ++++++-
> 2 files changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/tempfile.c b/tempfile.c
> index d43ad8c191..94aa18f3f7 100644
> --- a/tempfile.c
> +++ b/tempfile.c
> @@ -130,17 +130,17 @@ static void deactivate_tempfile(struct tempfile *tempfile)
> }
>
> /* Make sure errno contains a meaningful value on error */
> -struct tempfile *create_tempfile(const char *path)
> +struct tempfile *create_tempfile_mode(const char *path, int mode)
> {
> struct tempfile *tempfile = new_tempfile();
>
> strbuf_add_absolute_path(&tempfile->filename, path);
> tempfile->fd = open(tempfile->filename.buf,
> - O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC, 0666);
> + O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC, mode);
> if (O_CLOEXEC && tempfile->fd < 0 && errno == EINVAL)
> /* Try again w/o O_CLOEXEC: the kernel might not support it */
> tempfile->fd = open(tempfile->filename.buf,
> - O_RDWR | O_CREAT | O_EXCL, 0666);
> + O_RDWR | O_CREAT | O_EXCL, mode);
> if (tempfile->fd < 0) {
> deactivate_tempfile(tempfile);
> return NULL;
> diff --git a/tempfile.h b/tempfile.h
> index cddda0a33c..b5760d4581 100644
> --- a/tempfile.h
> +++ b/tempfile.h
> @@ -89,7 +89,12 @@ struct tempfile {
> * a tempfile (whose "fd" member can be used for writing to it), or
> * NULL on error. It is an error if a file already exists at that path.
> */
> -struct tempfile *create_tempfile(const char *path);
> +struct tempfile *create_tempfile_mode(const char *path, int mode);
> +
> +static inline struct tempfile *create_tempfile(const char *path)
> +{
> + return create_tempfile_mode(path, 0666);
> +}
>
> /*
> * Register an existing file as a tempfile, meaning that it will be
next prev parent reply other threads:[~2020-04-20 23:31 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-20 22:50 [PATCH 0/3] commit-graph: write non-split graphs as read-only Taylor Blau
2020-04-20 22:51 ` [PATCH 1/3] tempfile.c: introduce 'create_tempfile_mode' Taylor Blau
2020-04-20 23:31 ` Junio C Hamano [this message]
2020-04-20 22:51 ` [PATCH 2/3] lockfile.c: introduce 'hold_lock_file_for_update_mode' Taylor Blau
2020-04-20 22:51 ` [PATCH 3/3] commit-graph.c: write non-split graphs as read-only Taylor Blau
2020-04-20 23:23 ` [PATCH 0/3] commit-graph: " Junio C Hamano
2020-04-20 23:39 ` Taylor Blau
2020-04-21 1:17 ` Junio C Hamano
2020-04-21 7:01 ` Jeff King
2020-04-21 18:59 ` Junio C Hamano
2020-04-27 16:27 ` [PATCH v2 0/4] " Taylor Blau
2020-04-27 16:27 ` [PATCH v2 1/4] tempfile.c: introduce 'create_tempfile_mode' Taylor Blau
2020-04-27 16:27 ` [PATCH v2 2/4] lockfile.c: introduce 'hold_lock_file_for_update_mode' Taylor Blau
2020-04-27 16:28 ` [PATCH v2 3/4] commit-graph.c: write non-split graphs as read-only Taylor Blau
2020-04-27 23:54 ` Junio C Hamano
2020-04-27 23:59 ` Taylor Blau
2020-04-28 0:25 ` Junio C Hamano
2020-04-28 3:34 ` Jeff King
2020-04-28 16:50 ` Junio C Hamano
2020-04-28 20:59 ` Jeff King
2020-04-28 21:05 ` Junio C Hamano
2020-04-28 21:08 ` Jeff King
2020-04-28 21:44 ` Taylor Blau
2020-04-28 21:58 ` Jeff King
2020-04-28 23:22 ` Junio C Hamano
2020-04-29 11:52 ` Derrick Stolee
2020-04-27 16:28 ` [PATCH v2 4/4] commit-graph.c: ensure graph layers respect core.sharedRepository Taylor Blau
2020-04-27 17:21 ` Taylor Blau
2020-04-27 20:58 ` Jeff King
2020-04-29 17:36 ` [PATCH v3 0/5] commit-graph: write non-split graphs as read-only Taylor Blau
2020-04-29 17:36 ` [PATCH v3 1/5] tempfile.c: introduce 'create_tempfile_mode' Taylor Blau
2020-04-29 17:36 ` [PATCH v3 2/5] lockfile.c: introduce 'hold_lock_file_for_update_mode' Taylor Blau
2020-04-29 17:36 ` [PATCH v3 3/5] commit-graph.c: write non-split graphs as read-only Taylor Blau
2020-04-29 17:36 ` [PATCH v3 4/5] commit-graph.c: ensure graph layers respect core.sharedRepository Taylor Blau
2020-04-29 17:36 ` [PATCH v3 5/5] commit-graph.c: make 'commit-graph-chain's read-only Taylor Blau
2020-05-01 5:52 ` [PATCH v3 0/5] commit-graph: write non-split graphs as read-only Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq1rohrayh.fsf@gitster.c.googlers.com \
--to=gitster@pobox.com \
--cc=dstolee@microsoft.com \
--cc=git@vger.kernel.org \
--cc=me@ttaylorr.com \
--cc=mhagger@alum.mit.edu \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).