From: Steven Michalske <smichalske@gmail.com>
To: Alex Riesen <raa.lkml@gmail.com>
Cc: William Pursell <bill.pursell@gmail.com>,
Junio C Hamano <gitster@pobox.com>,
Andreas Schwab <schwab@linux-m68k.org>,
git@vger.kernel.org
Subject: Re: permissions
Date: Wed, 9 Jun 2010 03:39:24 -0700 [thread overview]
Message-ID: <586C928F-9EB5-44C3-A4AE-814AC5E11E91@gmail.com> (raw)
In-Reply-To: <AANLkTikGpbeP1ba0y0oUsWGQXsrL8Z-GKjybCB83W_FJ@mail.gmail.com>
On Jun 9, 2010, at 12:20 AM, Alex Riesen wrote:
> On Wed, Jun 9, 2010 at 00:27, William Pursell
> <bill.pursell@gmail.com> wrote:
>> Junio C Hamano wrote:
>>> Alex Riesen <raa.lkml@gmail.com> writes:
>>>
>>>> On Tue, Jun 8, 2010 at 12:25, William Pursell <bill.pursell@gmail.com
>>>> > wrote:
>>>>> Here's a patch. This doesn't address the issue of a damaged
>>>>> repository, but just catches access errors and permissions.
>>>> The change looks fishy.
>>>>
>>>> The patch moves the function is_git_directory at the level of user
>>>> interface where it wasn't before: it now complains and die.
>>>> Not all callers of the function call it only to die if it fails.
>>>
>>> Thanks for shooting it down before I had to look at it ;-)
>>
>> The point of the patch is that it now complains and dies.
>
> At wrong point. Points, actually. There are many callers of the
> function you modified. You should have looked at them all.
>
Should the other functions not fail in this case? Looking at the uses
3 in setup.c and not exported for use in other code. Only once case
looked like it could cause an issue would be if the file did not
exist, and he excluded that case, lines 408 and 409 of setup.c Where
the environment variable is passed into the function.
Well that's a good question, William made a valid assumption that if
you were checking a directory that is suspected to be a git directory
and it couldn't be read you should let the user know that something is
funky. Now this looks like the right place for catching that access
violation, but it looks like it night not the right place to report
the error.....
So return another error code for catching it up stream. But, we can't
because this function can be true many ways and false only one. This
is where the shell convention that 0 is ok and errors are not 0 really
shines, but doesn't work for the name of this function.
>> Perhaps I'm being obtuse, but can you describe a situation
>> in which this causes git to terminate inappropriately?
>
> Maybe. BTW, can you? (if you try, I mean). But your questions
> misses the point of my complaint about your patch:
>
And this point was not clearly explained on your part.... I had to
read your complaint a few times to understand what you meant.
Something mentioned this way might have been more insightful.
The patch should pass error up to calling function and not terminate
in the function.
And offer a suggestion of how you would prefer it to be implemented.
> The patch makes the function you modified act not as one
> can guess from its other uses. Imagine someone replaced
> open(2) implementation to kill your program everytime you
> tried to open /etc/passwd. How'd you like that?
>
Your analogy is subtly off.
Because if you tried to open /etc/passwd and could not open it for
reading your application should fail. That works because open allows
for the return of an error code, but is_git_directory does not, so
patching at the level that will correctly detect this erroneous case
is difficult to report upstream.
> That alone is reason enough to dislike the change and put
> you personally into a list of persons to be careful with (as
> you don't seem to care about what happens with the code
> after you changed it).
Honestly it is not, he was asking what he did wrong, and probably
didn't follow your line of reasoning.
Steve
prev parent reply other threads:[~2010-06-09 10:39 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-06-05 9:33 permissions William Pursell
2010-06-05 9:50 ` permissions Andreas Schwab
2010-06-05 18:23 ` permissions William Pursell
2010-06-06 6:45 ` permissions Alex Riesen
2010-06-06 9:36 ` permissions William Pursell
2010-06-06 12:45 ` permissions Alex Riesen
2010-06-06 19:54 ` permissions Junio C Hamano
2010-06-08 10:25 ` permissions William Pursell
2010-06-08 14:52 ` permissions Alex Riesen
2010-06-08 21:05 ` permissions Junio C Hamano
2010-06-08 22:27 ` permissions William Pursell
2010-06-09 7:20 ` permissions Alex Riesen
2010-06-09 10:29 ` permissions William Pursell
2010-06-09 12:06 ` permissions Thomas Rast
2010-06-09 13:00 ` permissions Alex Riesen
2010-06-09 12:56 ` permissions Alex Riesen
2010-06-09 10:39 ` Steven Michalske [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=586C928F-9EB5-44C3-A4AE-814AC5E11E91@gmail.com \
--to=smichalske@gmail.com \
--cc=bill.pursell@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=raa.lkml@gmail.com \
--cc=schwab@linux-m68k.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).