On 12/02/2018 15:30, Kevin Wolf wrote:
>>> We shouldn't be adding new instances of BLOCK_OP_* at all. I couldn't
>>> find the time yet to remove the existing ones, but any new protections
>>> should be using the permission system.
>> I agree. But does this include not fixing bugs wherever clients are
>> using the old op blockers?
> I'm not saying that we shouldn't fix the bug, just that we should fix it
> properly with the best infrastructure we have.
> The old op blockers are "fixing" the problem at the symptom level, and
> you have to check for each high-level operation if it does something
> problematic internally. You have to repeat this analysis every time you
> add a new operation or modifiy an existing one (which noone ever does).
> The risk that this breaks sooner or later is pretty high.
> The new permission system, on the other hand, directly addresses the
> root cause, and any new feature that uses dirty bitmaps will then
> automatically get the protection, too.
> So in fact, I would say that the bug isn't really fixed (but at best
> papered over) until we add a proper fix on the permission level.
Okay, we are in agreement about this and you expressed very well why I
(at the gut feeling level) didn't like the old op blockers. But you
bypassed the real question, which is: should I send a pull request for
these two patches or not? :)