Review Request 111636: Port away from kde_file.h in AuthInfo (KIO)
David Gil Oliva
davidgiloliva at gmail.com
Tue Jul 23 20:24:09 UTC 2013
> On July 23, 2013, 11:19 a.m., David Faure wrote:
> > staging/kio/src/core/authinfo.cpp, line 324
> > <http://git.reviewboard.kde.org/r/111636/diff/1/?file=172718#file172718line324>
> >
> > For some reason Qt has a Q_FOREVER() macro for this. I admit that I'm not sure what it difference it makes compared to while(true) though....
>
> Alex Merry wrote:
> #define Q_FOREVER for(;;)
>
> I'm going to go with "none whatsoever".
Alex: I'm sorry, I don't understand what you mean... ?:-/
> On July 23, 2013, 11:19 a.m., David Faure wrote:
> > staging/kio/src/core/authinfo.cpp, line 482
> > <http://git.reviewboard.kde.org/r/111636/diff/1/?file=172718#file172718line482>
> >
> > The old didn't have such a strict permission checking. Is it intended to be strict? Or would it be enough to check if open(ReadOnly) succeeds or fails?
IMHO, it actually did:
// Security check!!
if ( sbuff.st_mode != (S_IFREG|S_IRUSR|S_IWUSR) ||
sbuff.st_uid != geteuid() )
return -1;
.netrc must be 600: nobody except the user has permission to read and write it. Keep in mind that we're dealing with logins and passwords.
Explanation: http://www.mavetju.org/unix/netrc.php
- David
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/111636/#review36282
-----------------------------------------------------------
On July 21, 2013, 11:41 p.m., David Gil Oliva wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/111636/
> -----------------------------------------------------------
>
> (Updated July 21, 2013, 11:41 p.m.)
>
>
> Review request for KDE Frameworks.
>
>
> Description
> -------
>
> Port away from kde_file.h in AuthInfo (KIO)
>
> I have tried not to touch much code, but I finally rewrote some parts to make them easier to understand.
>
>
> Diffs
> -----
>
> staging/kio/src/core/authinfo.h d6415b2f2e9ccec7c3e046f569fb44dbbc879d6b
> staging/kio/src/core/authinfo.cpp 65ebacf84e989f19f1b896c596a6b24185c67447
>
> Diff: http://git.reviewboard.kde.org/r/111636/diff/
>
>
> Testing
> -------
>
> It builds. I have tested the part of the code not related to loginMap with a little program and .netrc sample files, to check whether it correctly parses the information.
>
>
> Thanks,
>
> David Gil Oliva
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20130723/fabbaece/attachment.html>
More information about the Kde-frameworks-devel
mailing list