On 12/02/2018 15:30, Kevin Wolf wrote: >>> We shouldn't be adding new instances of BLOCK_OP_* at all. I couldn't >>> find the time yet to remove the existing ones, but any new protections >>> should be using the permission system. >> I agree. But does this include not fixing bugs wherever clients are >> using the old op blockers? > I'm not saying that we shouldn't fix the bug, just that we should fix it > properly with the best infrastructure we have. > > The old op blockers are "fixing" the problem at the symptom level, and > you have to check for each high-level operation if it does something > problematic internally. You have to repeat this analysis every time you > add a new operation or modifiy an existing one (which noone ever does). > The risk that this breaks sooner or later is pretty high. > > The new permission system, on the other hand, directly addresses the > root cause, and any new feature that uses dirty bitmaps will then > automatically get the protection, too. > > So in fact, I would say that the bug isn't really fixed (but at best > papered over) until we add a proper fix on the permission level.
Okay, we are in agreement about this and you expressed very well why I (at the gut feeling level) didn't like the old op blockers. But you bypassed the real question, which is: should I send a pull request for these two patches or not? :) Paolo