[Calypso] patches: git execution, user name in git commit, htpassword parsing
chrysn
chrysn at fsfe.org
Tue Jan 17 07:26:23 PST 2012
hi calypso developers,
i've got some patches i'd like to suggest for inclusion in calypso,
mainly concerning git handling:
* 0001: git used to be called using os.system, which invokes a subshell.
given file names occur in here and they can potentially be manipulated
by the user, this could effectively give any user shell access.
the patch re-writes the git calls to subprocess.check_call, which
works like fork/execv, passing argv as an array to the subprocess.
additionally, errors in git execution now throw an exception. (which
is a good thing imo.)
* 0002: reflect logged in user in git commit author
this is a slightly bigger change, as i have to pass the information
from the http request handling all the way down to the git calls.
in order to stay extensible, i've put the relevant information into a
"context" dictionary, all of whose entries are optional. thus,
additional information (like a real user name provided by the
authentication backend, or the user's ip address) can be added to it
later without having to add another argument to pass around.
currently, the user id is set as the git author name ("my_user
<my_user at webdav>"), and the user agent is appended in an additional
line to the commit message. (i want to store that information in case
a client goes crazy and destroys data.)
* 0003: htpasswd parsing
just a minor bugfix against problems with ':' in unencrypted passwords
* a suggestion without patch:
currently, config paths are hardcoded to ~/.config/calypso/config, and
the storage defaults to ~/.config/calypso/calendars. there is a
specification that guides where files should go in the home directory
and how to find them [1], and there's even a python module
xdg.BaseDirectory that implements it. this allows for configurable
places to store configs (instead of ~/.config), and (more importantly)
distinguishes between configuration (which typically resides in
~/.config) and data (in ~/.local/share) directories. this distinction
is especially important for users who keep their configuration version
controlled, and don't want anything but config there.
not writing a patch yet because i'm not sure how to make the
transition. given the user base is probably quite small and well
informed at the moment, it might be an option to just change the
default value for the calendar storage location.
as far as making the default config file location xdg compliant is
concerned, i don't expect compatibility problems because hardly anyone
changes these default values.
regards
chrysn
[1] http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
--
To use raw power is to make yourself infinitely vulnerable to greater powers.
-- Bene Gesserit axiom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-execute-external-git-calls-using-subprocess.patch
Type: text/x-diff
Size: 2254 bytes
Desc: not available
URL: </pipermail/calypso/attachments/20120117/71f96ce9/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-reflect-http-authentication-in-git-commit.patch
Type: text/x-diff
Size: 13053 bytes
Desc: not available
URL: </pipermail/calypso/attachments/20120117/71f96ce9/attachment-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-split-htpasswd-entries-to-no-more-than-two-parts.patch
Type: text/x-diff
Size: 995 bytes
Desc: not available
URL: </pipermail/calypso/attachments/20120117/71f96ce9/attachment-0002.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: </pipermail/calypso/attachments/20120117/71f96ce9/attachment.pgp>
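
The difference described under patch 0001, shown as an added example that is not part of the message above or of the attached Calypso patches: the same client-chosen file name passed once as a shell command string and once as an argv list. The stand-in for git, the function names and the file name are assumptions constructed for this example; the "--" separator is an extra hardening step not mentioned in the message.

```python
import os
import shlex
import subprocess
import sys
import tempfile

# Stand-in for the git binary so the example runs without a repository
# (assumption): a Python one-liner that ignores its arguments and exits 0.
FAKE_GIT = [sys.executable, "-c", "pass"]

# Constructed file name of the kind a WebDAV client could choose.
HOSTILE_NAME = "event.ics; touch INJECTED"


def add_with_shell(workdir, filename):
    """Before: one command string interpreted by /bin/sh, as os.system() does."""
    command = " ".join(shlex.quote(p) for p in FAKE_GIT) + " add " + filename
    subprocess.call(command, shell=True, cwd=workdir)


def add_with_argv(workdir, filename):
    """After: argv list, no shell; a non-zero exit raises CalledProcessError."""
    # "--" (an addition in this example) ends option parsing, so a name
    # starting with "-" is not read as a git option.
    subprocess.check_call(FAKE_GIT + ["add", "--", filename], cwd=workdir)


def marker_created(add_function):
    """Run add_function on HOSTILE_NAME in a fresh directory and report
    whether the shell metacharacters in the name were executed."""
    with tempfile.TemporaryDirectory() as workdir:
        add_function(workdir, HOSTILE_NAME)
        return os.path.exists(os.path.join(workdir, "INJECTED"))


if __name__ == "__main__":
    print("shell string ran injected command:", marker_created(add_with_shell))
    print("argv list ran injected command:   ", marker_created(add_with_argv))
```

With the argv form the whole name, semicolon and spaces included, reaches the child process as a single argument, so it can only ever be treated as a path.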