[Sugar-devel] [PATCH sugar-datastore 2/3] Make sure data store checkouts are read-only
simon at schampijer.de
Thu Mar 31 12:20:48 EDT 2011
On 03/31/2011 09:20 AM, Sascha Silbe wrote:
> Excerpts from Simon Schampijer's message of Tue Mar 29 21:31:20 +0200 2011:
>> On 03/05/2011 03:26 PM, Sascha Silbe wrote:
>>> We don't want anyone to be able to alter a file that is inside the data store,
>>> bypassing the API.
>> What happens to the files that have been written prior to that patch?
>> Any plan to convert them?
> I'm not sure about that. The copy time change respects the umask, thus
> taking the users decisions re. privacy into account. If we want to
> preserve that behaviour, we'd need to explicitly mask out the chmod()
> permission bits. But os.umask() (like the umask() system call) doesn't
> provide a way to get the current umask without modifying it. Since our
> copy operations get spawned off as new threads (even if they actually
> operate just in the single thread running the glib main loop) that might
> lead to race conditions. Retrieving the umask during start-up would be
> an option, but I'm starting to wonder whether it's worth the effort.
> What do you think?
Ok, that sounds tricky indeed. So go for it without the conversion.
More information about the Sugar-devel