[PATCH] Add script to rewrite manifest to workaround lack of parent deltas

Greg Ward greg-hg at gerg.ca
Mon Aug 24 20:57:37 CDT 2009


On Mon, Aug 24, 2009 at 5:39 PM, Benoit Boissinot
<benoit.boissinot at ens-lyon.org> wrote:
>> 1) except tempfile.mktemp() is unsafe and should not be used
>
> Not more unsafe than using a chosen prefix.

Huh??  mktemp() is unsafe because there is a race condition: the
function finds an unused filename and returns it to you.  Attacker
creates file as a symlink to /etc/passwd.  Then you open it in
truncate mode and clobber /etc/passwd.  mkstemp() avoids this by
returning an open file descriptor along with the filename.  So how
does having a known prefix make mkstemp() less secure?  (And isn't the
default prefix -- "tmp" -- even more "known" than a chosen prefix that
I pass in?)

>> Running this on an arbitrary revlog -- really, a filelog -- smells
>> like YAGNI to me.
>
> (what does YAGNI mean?)

Sorry.  YAGNI = "You Ain't Gonna Need It" or, in proper English, "You
Aren't Going to Need It".  As in, "sure, we *could* implement
shrink-manifest as shrink-revlog so users can shrink any filelog that
is affected by lack of parent deltas, but you ain't gonna need it".
Comes from the XP (extreme programming) community.

Greg
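
Added example, not part of the original message or of Mercurial's code: the mktemp()/mkstemp() difference described above, replayed inside a private sandbox directory. The file names, the `shrink-` prefix and the helper functions are assumptions made for the illustration, and the "victim" file is constructed data standing in for a sensitive target.

```python
import os
import tempfile


def unsafe_write(path, data):
    # mktemp()-style use: open a name chosen earlier, in truncate mode.
    with open(path, "w") as f:  # follows symlinks and truncates the target
        f.write(data)


def safe_write(directory, data, prefix="shrink-"):
    # mkstemp() creates the file with O_CREAT|O_EXCL and hands back an open fd,
    # so there is no window between choosing the name and opening it.
    fd, path = tempfile.mkstemp(prefix=prefix, dir=directory)
    with os.fdopen(fd, "w") as f:
        f.write(data)
    return path


def exclusive_create_refused(path):
    # The primitive mkstemp() relies on: O_EXCL rejects any existing name,
    # symlinks included, instead of following it.
    try:
        os.close(os.open(path, os.O_RDWR | os.O_CREAT | os.O_EXCL, 0o600))
    except FileExistsError:
        return True
    return False


def read(path):
    with open(path) as f:
        return f.read()


def demo():
    # Everything happens in a throwaway directory; all data is constructed.
    with tempfile.TemporaryDirectory() as sandbox:
        victim = os.path.join(sandbox, "victim.txt")
        with open(victim, "w") as f:
            f.write("important\n")
        chosen = os.path.join(sandbox, "shrink-abc123")  # name picked "earlier"
        os.symlink(victim, chosen)  # what appears during the race window
        refused = exclusive_create_refused(chosen)
        after_excl = read(victim)
        new_name = os.path.basename(safe_write(sandbox, "new manifest\n"))
        after_safe = read(victim)
        unsafe_write(chosen, "new manifest\n")
        after_unsafe = read(victim)
    return refused, after_excl, after_safe, after_unsafe, new_name
```

A known prefix does not change the outcome for `safe_write`: if a generated name already exists, the exclusive create fails and mkstemp() tries another name rather than opening the existing one.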

