[PATCH] blackbox: add logreadonlybyuser to restrict permission to log (issue5065)
timeless
timeless at gmail.com
Mon Mar 14 14:45:04 EDT 2016
Copying is also something that I was considering/would like to consider.
On Mon, Mar 14, 2016 at 11:02 AM, Yuya Nishihara <yuya at tcha.org> wrote:
> On Mon, 14 Mar 2016 03:59:02 -0400, timeless wrote:
>> first, I'd rather start by making the log not world readable.
>>
>> > + logreadonlybyuser = self.hasconfig('blackbox', 'logreadonlybyuser')
>>
>> second, we typically use configbool(..., ..., False).
>> I'm not sure what hasconfig is/does, but I suspect it's the wrong thing.
>> e.g --config blackbox.logreadonlybyuser=False
>>
>> third, I'm not a fan of the name.
>>
>> and finally, I want to take some time to think about this before we
>> take it. (other feedback is welcome)
>
> I agree with timeless. How about this?
>
> a) new log file is created as -rw------- (BC)
> b) user may chmod it afterward
> c) on rotate, copy the old permission bits to new file
More information about the Mercurial-devel
mailing list