[systemd-devel] tmpfile white listing [PATCH]v3

Lennart Poettering lennart at poettering.net
Wed Apr 27 12:52:17 PDT 2011


On Wed, 27.04.11 10:03, William Douglas (william.r.douglas at gmail.com) wrote:

>  
> +static bool protected(const char *key) {
> +        struct Item *i;
> +
> +        if (!(i = find_glob(globs, key)))
> +                if (!(i = (Item *)hashmap_get(items, key)))
> +                        return false;
> +
> +        return i->type == TRUNCATE_DIRECTORY || i->type == IGNORE_PATH;
> +}
> +
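
Review bot: In `protected()`, `hashmap_get(items, key)` is only consulted when `find_glob(globs, key)` finds nothing, so the type test on the return line is applied to the glob item alone whenever a glob matches. A path that has an exact `IGNORE_PATH` or `TRUNCATE_DIRECTORY` entry in `items` is therefore reported as not protected if a glob of any other type also matches it. Either test both lookup results and return true if one of them has a protecting type, or drop the type test so that any matching rule protects the path. As a style point, the declaration uses `struct Item *i` while the cast uses `(Item *)`; use one spelling throughout.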

Hmm, why only protect D and x here?

I think it would make sense to protect *everything* with a rule of its
own. If somebody writes a rule, then it should apply unconditionally,
and not be overridden by another rule.

So I think this last check should be removed, or do you have a strong
reason to limit this to x and D?

Especially, since for the aging we did not make such a check, and your
patch thus alters the current behaviour, and I am not sure why?

Otherwise looks fine to me.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.

