[PATCH] blackbox: add logreadonlybyuser to restrict permission to log (issue5065)
yuya at tcha.org
Mon Mar 14 11:02:32 EDT 2016
On Mon, 14 Mar 2016 03:59:02 -0400, timeless wrote:
> first, I'd rather start by making the log not world readable.
> > + logreadonlybyuser = self.hasconfig('blackbox', 'logreadonlybyuser')
> second, we typically use configbool(..., ..., False).
> I'm not sure what hasconfig is/does, but I suspect it's the wrong thing.
> e.g --config blackbox.logreadonlybyuser=False
> third, I'm not a fan of the name.
> and finally, I want to take some time to think about this before we
> take it. (other feedback is welcome)
I agree with timeless. How about this?
a) new log file is created as -rw------- (BC)
b) user may chmod it afterward
c) on rotate, copy the old permission bits to new file
More information about the Mercurial-devel