-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 04/25/2014 06:52 PM, Gavin Sharp wrote: > It would help a lot with bug-clarity if both the "record umask on > startup" and "add API to OS.File" changes were split into their > own bugs. The debate is really about the OS.File API.
Yeah, I should have done this months ago, but I was distracted by filesystem corruption. The "record umask on startup" changes are bug 1001842 and have been pushed to inbound. The OS.File API change is now bug 1001849. > The API question depends a lot on the use cases people foresee. > Are there any use cases identified for this API other than the > download manager? > > OS.File is a fairly low-level API, so I tend to agree that it > shouldn't be too tailored to the download manager case > specifically, unless there's a lot of "demand" for that particular > use case. A generic "setPermisions" API seems to fit with the rest > of the OS.File API. "honorUmask" doesn't seem necessary at this > point, unless there are identified use cases for it not mentioned. I think this is the wrong way to think about this. I claim that the operation "do whatever is necessary on this platform to give this file the access permissions that it would have received if we had created it in its current location in the most natural way" belongs in OS.File and not in its consumers, because it is security-critical, finicky to get right, and requires detailed understanding of platform conventions to get right. Moreover it should not be lumped into a generic setPermissions() call, which programmers will expect to do exactly as it is told rather than performing DWIMmery. I think this argument is compelling *whether or not* anyone besides the download manager ever needs this operation. (I happen to suspect that we already do need it elsewhere, but I can't commit to digging through the entire tree to find other cases. But any other context where we create files whose ultimate home is outside the profile directory is probably buggy right now in exactly the same way.) zw -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iQIcBAEBCAAGBQJTW9KIAAoJEJH8wytnaapkwxUP/1ReeESl3nqASReHsOFVaTQq CFX6fuvvatRik+bOsP6Rtt6TrLxOk9Sukhg/cl//BKyHjqm8sM7oA+CEBC94w2dG u/OoepPu9BCN6geqyChEgOMvbUoHQ80t3htXTKSYyMWFpR/RCteuazb6b1dE69H7 7l5WlWoD9+bRdkBCnBgwLLk6O7tQT2S6zVMq/sq57wXrG8NGLxuqUZboUBaVVUGr GXmPZcMCAsLsjO3L9Mgq6pXm8tHeE2s6caojJwMVOvClUeHlpEVaczl3ILEtUkLR 7n+5DpjrBEaoK6bstHPkP3iEMm62ONL8rbdvI2eFbcwAv8oy7lqVtDYmWUPdvWQG wll44PFF9lFBsMkz/bFUBki39GHz7WnIfv8EJF1tFzITHs7Gvj4EubGu1C3hIitB XB7H2HMrLfWkXVy4XyosbZbynUh35EQrQT3hXyJHsQiURaLPdfzDCMqQ6GdQ3Aa4 IWrdBb0/7wIOqGwj8EuZCzOm9eAr143HjUJnm5zoUO0saXf5JyZQqtimQ2lk5NQP wddW/esbmCQCiwKClyYvj2gyG4kzJdYPZ/NCSkfCJLoIOHJ3c+bGBX8KUQfZR22i cjvNwLxP+uyUMDS+8aT6uvMgJetEujQg41BpO5vmgFalNN3ZkaMn5zSZgxRdD8O4 7nZbd5YV+3boWl01dpbk =I5l4 -----END PGP SIGNATURE----- _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform