[systemd-devel] tmpfile white listing [PATCH]v3
Lennart Poettering
lennart at poettering.net
Wed Apr 27 12:52:17 PDT 2011
On Wed, 27.04.11 10:03, William Douglas (william.r.douglas at gmail.com) wrote:
>
> +static bool protected(const char *key) {
> + struct Item *i;
> +
> + if (!(i = find_glob(globs, key)))
> + if (!(i = (Item *)hashmap_get(items, key)))
> + return false;
> +
> + return i->type == TRUNCATE_DIRECTORY || i->type == IGNORE_PATH;
> +}
> +
Hmmy, why only protected D and x here?
I think it would make sense protect *everything* with a rule of its
own. If somebody writes a rule, then it should apply unconditionally,
and not be overriden by another rule.
So I think this last check should be removed, or do you have a strong
reason to limit this to x and D?
Especially, since for the aging we did not make such a check, and your
patch thus alterns the current behaviour, and I am not sure why?
Otherwise looks fine to me.
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the systemd-devel
mailing list