Hello, I was just curious, so I have looked at the code: 1. I generally don't like patterns like this:
a = transform(a) You reuse one variable name for multiple purposes and this makes reading the code harder. 2. You use JSON as data exchange format. JSON parsing can be viewed as needlessly complex. One might argue the risks are not so high in most scenarios, but I don't feel it to be “the Qubes way” there. 3. You identify files by inode numbers. When I guess inode number, what prevents me from escaping from my root directory? 4. How is directory traversal prevented? Note that I've taken rather a brief look, it was not a deep review. Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/f9feb5fa-2409-4c20-ac0d-7be971f7b62c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
