[Sugar-devel] [PATCH sugar-datastore 2/3] Make sure data store checkouts are read-only
Sascha Silbe
sascha-ml-reply-to-2011-2 at silbe.org
Thu Mar 31 09:20:08 EDT 2011
Excerpts from Simon Schampijer's message of Tue Mar 29 21:31:20 +0200 2011:
> On 03/05/2011 03:26 PM, Sascha Silbe wrote:
> > We don't want anyone to be able to alter a file that is inside the data store,
> > bypassing the API.
> What happens to the files that have been written prior to that patch?
> Any plan to convert them?
I'm not sure about that. The copy time change respects the umask, thus
taking the user's decisions re. privacy into account. If we want to
preserve that behaviour, we'd need to explicitly mask out the chmod()
permission bits. But os.umask() (like the umask() system call) doesn't
provide a way to get the current umask without modifying it. Since our
copy operations get spawned off as new threads (even if they actually
operate just in the single thread running the glib main loop) that might
lead to race conditions. Retrieving the umask during start-up would be
an option, but I'm starting to wonder whether it's worth the effort.
What do you think?
Sascha
--
http://sascha.silbe.org/
http://www.infra-silbe.de/
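
The start-up option raised in the message above, as an added example (not part of the original message and not sugar-datastore code): the umask is read once before any concurrent copy work begins, cached, and then used to mask the read-only bits passed to chmod(). All function names and the temporary file are hypothetical or constructed for illustration.

```python
import os
import stat
import tempfile


def read_umask_once():
    """Return the process umask.

    os.umask() only reports the old mask by installing a new one, so call
    this once at start-up, before any worker threads exist. The temporary
    mask is restrictive (0o077), so a file created during the window would
    end up with fewer permissions, not more.
    """
    current = os.umask(0o077)
    os.umask(current)  # restore the original mask
    return current


def read_only_mode(umask, executable=False):
    """Read-only permission bits, minus whatever the umask masks out."""
    base = 0o555 if executable else 0o444
    return base & ~umask


def make_read_only(path, umask):
    """chmod path to read-only while honouring the cached umask."""
    executable = bool(os.stat(path).st_mode & stat.S_IXUSR)
    mode = read_only_mode(umask, executable)
    os.chmod(path, mode)
    return mode


def demo(umask):
    """Apply make_read_only() to a constructed temporary file."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        os.chmod(path, 0o644)  # constructed starting mode
        make_read_only(path, umask)
        return stat.S_IMODE(os.stat(path).st_mode)
    finally:
        os.unlink(path)


# Cached at import time, i.e. before the copy threads are spawned.
STARTUP_UMASK = read_umask_once()

if __name__ == "__main__":
    print(oct(STARTUP_UMASK), oct(demo(STARTUP_UMASK)))
```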