On Sun, Mar 20, 2011 at 15:31, Michael Knox <[email protected]> wrote: > On 21/03/11 5:56 AM, Daniel Pittman wrote: > > Hey. I love the basic change, but have a few semantic questions that I hope > you can answer more quickly than I could by reading the augeas source. > > Is augeus creating these temporary files in a way that is safe against > symlink attacks and similar security issues? > > I'm not familiar with the Augeas source, so I don't know. I'll need to look > as well.
If you don't know, you don't need to go to the trouble of finding out. I just wondered if I could save the time. Answering that isn't necessary to get it committed or anything. :) > Am I correct in understanding that we are writing a temporary copy for the > diff, then rewriting the change to the real file separately? > > Yes > > If so, could we instead use "rename" to avoid the costly parse/write cycle > being run twice per file? > > Probably, my concern would be the maintenance of file permissions, > timestamps etc. > I'll have a look and see about reworking the patch to do a "rename" I kind of assumed that Augeus would do that for us, because it makes sense if they have a "write a new file" mode that it would by default match the old file. If not ... well, I guess either way would be fine, but I wouldn't fight to have it use rename if it was more complex. :) Daniel -- ⎋ Puppet Labs Developer – http://puppetlabs.com ✉ Daniel Pittman <[email protected]> ✆ Contact me via gtalk, email, or phone: +1 (877) 575-9775 ♲ Made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
