On 01.08.2015 09:24, Greg Stein wrote:
> On Fri, Jul 31, 2015 at 6:36 PM, Daniel Shahaf <d...@daniel.shahaf.name> wrote:
> >...
>
>     Two questions:
>
>     - When one side of the diff is in the OS filesystem, do we still fold
>       its value to 644/755 for output?
>
>     - If yes, how do we choose between 644 and 755?  (e.g., do we use
>       "x & 0111 == 0111", or "x & 0100 == 0100", or access(X_OK), or …)
>
>     My answer to the first question is "yes", as discussed above.
>
>
> Whatever the answer, I don't think the client should _ever_ set
> group/world *write* [directed by the "server"]. Maybe not execute,
> too. That just screams for creating a point of abuse. (maybe umask
> applies, but I'd prefer to ignore that; we're getting perm bits from
> (potentially) an untrusted server)

We have io_set_file_perms in libsvn_subr/io.c which we should be using
here. Currently it tries to set all executable bits (user, group and
world) but only the user-write bit for readonly/writable transitions. I
don't recall offhand if apr_file_perms_set filters by umask or not.

And FWIW, we should ignore the read-write perms from Git diffs and only
(try to) tweak the executable bit. Having a read-only versioned file in
our working copy that doesn't also have the svn:needs-lock property will
likely cause all sorts of problems.

-- Brane
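
The policy discussed in this thread (take only the executable bit from a Git diff, never read or write bits), sketched as an added example that is not part of the original messages and is not Subversion code. The function names are hypothetical; testing owner-execute (`0100`) as the "executable" signal and granting execute only where the local file already grants read are assumptions made for this example.

```c
#include <stdio.h>

/* Hypothetical helper: parse a git-diff mode string such as "100755".
 * Assumption: exactly six octal digits. Returns -1 on anything else. */
static long parse_git_mode(const char *s)
{
    long m = 0;
    size_t n = 0;
    if (s == NULL)
        return -1;
    for (; s[n] != '\0'; n++) {
        if (n >= 6 || s[n] < '0' || s[n] > '7')
            return -1;
        m = m * 8 + (s[n] - '0');
    }
    return n == 6 ? m : -1;
}

/* Compute the permission bits to set on a working-copy file, given its
 * current local mode and an untrusted mode string taken from a patch.
 * Read and write bits always come from the local file; only the
 * executable bits can change, and setuid/setgid/sticky are dropped. */
static unsigned int apply_patch_mode(unsigned int local, const char *patch_mode)
{
    unsigned int perms = local & 0777;
    long m = parse_git_mode(patch_mode);

    /* Malformed input or not a regular file (e.g. 120000 symlink):
     * leave the local permissions as they are. */
    if (m < 0 || (m & 0170000) != 0100000)
        return perms;

    if (m & 0100)
        perms |= (perms & 0444) >> 2;  /* x only where local r is set */
    else
        perms &= ~0111u;               /* clear every executable bit */
    return perms;
}

int main(void)
{
    /* Constructed inputs: local mode and a mode string from a patch. */
    printf("%04o\n", apply_patch_mode(0644, "100755"));
    printf("%04o\n", apply_patch_mode(0600, "100777"));
    printf("%04o\n", apply_patch_mode(0755, "100644"));
    printf("%04o\n", apply_patch_mode(0644, "100666"));
    return 0;
}
```

The second and fourth calls show that write bits requested by the patch (`777`, `666`) never reach the result.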
