On Sat, 28.10.2017 at 14:49 +0200, Ulrich Mueller wrote:
> > > > > > On Sat, 28 Oct 2017, Michał Górny wrote:
> > > > The Manifest files can also specify ``IGNORE`` entries to skip
> > > > Manifest verification of subdirectories and/or files. Files and
> > > > directories starting with a dot are always implicitly ignored.
> > > > All files that are not ignored must be covered by at least one
> > > > of the Manifests.
> > > 
> > > Do we need to keep that implicit ignore rule? Rather, convert it
> > > to being always explicit.
> > > 
> > > There is only one such file in the rsync checkout presently:
> > > metadata/.checksum-test-marker (see bug #572168, it is used to
> > > detect mis-configured mirrors).
> > > 
> > > A SVN or Git repo might also have dot-named directories.
> > I like the implicit idea better as it is more consistent with normal
> > tool behavior, like 'ls' not listing the files. Dotfiles can be
> > created by many random tools or even the filesystem (especially in
> > some cases of overlay filesystems).
> 
> Other tools like "find" don't special-case dot-prefixed files though
> (in fact, "ls" may well be the exception there).
> 
> Implicit ignores only create an unnecessary attack surface. Better
> make them explicit, even if this will require adding some entries for
> common cases (like .git in the top-level dir).
> 

I dare say it's not an attack surface if tools are explicitly directed
not to use those files. The problem is, you can't predict all possible
dotfiles and even if you do, you're effectively blocking the user from
creating any files for his own use.

Say, if user wanted to use git on top of rsync for his own purposes, why
would you prevent him from doing that?

-- 
Best regards,
Michał Górny
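
Added example, not part of the thread and not code from any Gentoo tool: a sketch of the coverage rule quoted above ("all files that are not ignored must be covered"), run once with the implicit dot rule and once with explicit IGNORE entries only. The function names, the sample tree (apart from metadata/.checksum-test-marker, which the thread mentions) and the reading of an IGNORE entry as a path prefix are assumptions.

```python
from pathlib import PurePosixPath


def is_ignored(path, ignores, implicit_dot):
    """True if verification would skip this path."""
    parts = PurePosixPath(path).parts
    # Implicit rule from the quoted draft: any file or directory
    # whose name starts with a dot is skipped.
    if implicit_dot and any(p.startswith(".") for p in parts):
        return True
    # Explicit rule (assumed semantics): an IGNORE entry names a file,
    # or a directory whose whole subtree is skipped.
    for entry in ignores:
        prefix = PurePosixPath(entry).parts
        if parts[:len(prefix)] == prefix:
            return True
    return False


def uncovered(tree, covered, ignores, implicit_dot):
    """Paths that are neither listed in a Manifest nor ignored."""
    return sorted(p for p in tree
                  if p not in covered
                  and not is_ignored(p, ignores, implicit_dot))


# Constructed sample checkout.
TREE = [
    "app-misc/foo/foo-1.0.ebuild",        # listed in a Manifest
    "app-misc/foo/files/unlisted.patch",  # not listed anywhere
    "metadata/.checksum-test-marker",     # dotfile named in the thread
    ".git/config",                        # user's own git-on-rsync
    "eclass/.stray",                      # dotfile nobody anticipated
]
COVERED = {"app-misc/foo/foo-1.0.ebuild"}
EXPLICIT_IGNORES = [".git", "metadata/.checksum-test-marker"]


def compare():
    """Verification failures under each policy."""
    return {
        "implicit": uncovered(TREE, COVERED, [], True),
        "explicit": uncovered(TREE, COVERED, EXPLICIT_IGNORES, False),
        "explicit_no_entries": uncovered(TREE, COVERED, [], False),
    }


if __name__ == "__main__":
    for policy, failures in compare().items():
        print(policy, failures)
```

Under the implicit rule eclass/.stray is never reported; with explicit entries it is reported, but the user's .git passes only because someone listed it in advance.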

