public inbox for gentoo-dev@lists.gentoo.org
From: "Michał Górny" <mgorny@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] [RFC] GLEP 74: Full-tree verification using Manifest files
Date: Sat, 28 Oct 2017 22:55:23 +0200
Message-ID: <1509224123.17801.9.camel@gentoo.org>
In-Reply-To: <23028.35393.310123.502062@a1i15.kph.uni-mainz.de>

On Sat, 28.10.2017 at 15:46 +0200, Ulrich Mueller wrote:
> On Sat, 28 Oct 2017, Michał Górny wrote:
> > On Sat, 28.10.2017 at 14:49 +0200, Ulrich Mueller wrote:
> > > Other tools like "find" don't special-case dot-prefixed files
> > > though (in fact, "ls" may well be the exception there).
> > > 
> > > Implicit ignores only create an unnecessary attack surface. Better
> > > make them explicit, even if this will require adding some entries
> > > for common cases (like .git in the top-level dir).
> > I dare say it's not an attack surface if tools are explicitly
> > directed not to use those files.
> 
> For example, an ebuild can apply all patches from a given directory.
> We certainly don't want any unaccounted dot-prefixed files being
> injected there. (And yes, globbing shouldn't normally match such
> files, but there's at least one eclass setting the dotglob option.)

I think that's a really poor argument.

Firstly, the mentioned eclass does it for one command call, and it
doesn't go anywhere near the repository. So no, that doesn't count.

Secondly, someone being able to theoretically cut himself with a spoon
if he only sharpened its edge is no reason to forbid people from having
spoons without explicitly written permission.

> > The problem is, you can't predict all possible dotfiles and even if
> > you do, you're effectively blocking the user from creating any files
> > for his own use.
> 
> Create files for their own use in random locations in the Gentoo
> repository? Why would anyone want to do that?

.DS_Store? ;-)

> > Say, if user wanted to use git on top of rsync for his own purposes,
> > why would you prevent him from doing that?
> 
> As I said before, top-level .git should have an explicit IGNORE entry.

Are we going to supply explicit IGNORE entries for any VCS anyone might
choose to use? Or backup software and any other weird thing?

> IMHO we should rather stay on the safe side there, unless someone will
> speak up who has a concrete workflow where such dot-prefixed files
> with unpredictable names are needed.

I've already mentioned two. The first one were cheap union filesystems
based on FUSE where I'm pretty sure I've seen random dotfiles.

-- 
Best regards,
Michał Górny
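
Added example, not part of the original message or of any Gentoo tool: a sketch of the two policies debated above, run over a constructed tree. The function names, the sample paths and the rule that an IGNORE path also covers everything beneath it are assumptions made for illustration.

```python
import os
import tempfile
from pathlib import PurePosixPath

def build_sample_tree():
    """Create a constructed repository tree; returns its root path."""
    root = tempfile.mkdtemp(prefix="glep74-demo-")
    for rel in ("app-misc/foo/foo-1.ebuild", "app-misc/foo/files/fix.patch",
                "app-misc/foo/files/.extra.patch", ".git/config", ".DS_Store"):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
    return root

def is_ignored(rel, ignore_entries):
    """True if rel is an IGNORE path or lies below one (assumed semantics)."""
    p = PurePosixPath(rel)
    return any(p == PurePosixPath(i) or PurePosixPath(i) in p.parents
               for i in ignore_entries)

def stray_files(root, listed, ignore_entries, implicit_dot_ignore):
    """Return files on disk that are neither listed nor ignored."""
    strays = []
    for dirpath, dirnames, filenames in os.walk(root):
        if implicit_dot_ignore:  # policy A: skip every dot-prefixed name
            dirnames[:] = [d for d in dirnames if not d.startswith(".")]
            filenames = [f for f in filenames if not f.startswith(".")]
        rel_dir = os.path.relpath(dirpath, root)
        for name in filenames:
            rel = PurePosixPath(rel_dir, name).as_posix()
            if rel not in listed and not is_ignored(rel, ignore_entries):
                strays.append(rel)
    return sorted(strays)

def glob_star(directory, dotglob):
    """Names a shell '*' would match, with or without bash's dotglob."""
    return sorted(n for n in os.listdir(directory)
                  if dotglob or not n.startswith("."))

LISTED = {"app-misc/foo/foo-1.ebuild", "app-misc/foo/files/fix.patch"}
IGNORE = {".git"}  # explicit entry for the top-level .git, as in the thread

if __name__ == "__main__":
    root = build_sample_tree()
    print("implicit:", stray_files(root, LISTED, IGNORE, True))
    print("explicit:", stray_files(root, LISTED, IGNORE, False))
    print("dotglob :", glob_star(os.path.join(root, "app-misc/foo/files"), True))
```

With implicit dot-ignore the verifier reports nothing, while the explicit policy flags both the unlisted dot-prefixed patch and the user's own .DS_Store, which is the trade-off the two sides are arguing over.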


