Closed jankeromnes closed 11 years ago
espadrine
commented
11 years ago I hate this to be my answer, but until we either:
… this doesn't really work. Indeed, uploaded files can't be edited through Pencil because of that.
jankeromnes
commented
11 years ago Thanks for complaining about stuff :)
Ok maybe it doesn't work because fs.rename doesn't chown the file. But when the file is on another file system, it actually gets piped through a stream to a new file, that I would argue is owned by the correct user with appropriate rights. Do you think removing the call to fs.rename and falling back directly to piping the file content would fix that?
(also when did we start shouting at people?)
espadrine
commented
11 years ago @jankeromnes, I don't have a reproducible test case, and the call to fs.rename doesn't seem to alter the permissions of the file. I think this is a case of "corruption" between privileged and unprivileged files in the tree.
It seems, on the other hand, that if the server is root (which is unavoidable), all files it uploads / creates are root (which is avoidable). Changing that will require more planning than I previously thought. Indeed, all already created files will have to have their owner and group changed. For Linux at least, we'll have to set up a separate owner (in the Makefile). I have shivers thinking about people uploading dangerous programs.
jankeromnes
commented
11 years ago I really hope that the server being root is avoidable. I haven't lost hope to fix that one day! Also, thanks for merging :)
espadrine
commented
11 years ago I really hope that the server being root is avoidable.
It is, and I can make it my next adventure. After using multilog. And ordering gateway files by freshness.
Please complain about stuff :)