Review Request 111636: Port away from kde_file.h in AuthInfo (KIO)

David Faure faure at kde.org
Fri Jul 26 20:32:50 UTC 2013 


> On July 23, 2013, 11:19 a.m., David Faure wrote:
> > staging/kio/src/core/authinfo.cpp, line 324
> > <http://git.reviewboard.kde.org/r/111636/diff/1/?file=172718#file172718line324>
> >
> >     For some reason Qt has a Q_FOREVER() macro for this. I admit that I'm not sure what it difference it makes compared to while(true) though....
> 
> Alex Merry wrote:
>     #define Q_FOREVER for(;;)
>     
>     I'm going to go with "none whatsoever".
> 
> David Gil Oliva wrote:
>     Alex: I'm sorry, I don't understand what you mean...    ?:-/
> 
> Alex Merry wrote:
>     dfaure was wondering whether "Q_FOREVER" was any better than "while (true)"; given "Q_FOREVER" is just a #define for "for(;;)" (which does exactly the same as "while (true)"), there's no real difference (with any sane compiler), only an aesthetic one.
>     
>     Personally, I think "while (true)" is the best one; it's completely obvious to anyone who knows C or C++ what it does.

Yeah OK, keep while(true). I still wonder why Qt has Q_FOREVER though :)


> On July 23, 2013, 11:19 a.m., David Faure wrote:
> > staging/kio/src/core/authinfo.cpp, line 482
> > <http://git.reviewboard.kde.org/r/111636/diff/1/?file=172718#file172718line482>
> >
> >     The old didn't have such a strict permission checking. Is it intended to be strict? Or would it be enough to check if open(ReadOnly) succeeds or fails?
> 
> David Gil Oliva wrote:
>     IMHO, it actually did:
>     
>       // Security check!!
>       if ( sbuff.st_mode != (S_IFREG|S_IRUSR|S_IWUSR) ||
>            sbuff.st_uid != geteuid() )
>            return -1;
>     
>     .netrc must be 600: nobody except the user has permission to read and write it. Keep in mind that we're dealing with logins and passwords.
>     
>     Explanation: http://www.mavetju.org/unix/netrc.php

Ah sorry, missed that. Well, if you tested it, everything's fine.

I'm just always a bit wary about QFile::ReadUser vs QFile::ReadOwner, and their different behavior difference on Unix and Windows. But OK, code seems fine.


- David


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/111636/#review36282
-----------------------------------------------------------


On July 21, 2013, 11:41 p.m., David Gil Oliva wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/111636/
> -----------------------------------------------------------
> 
> (Updated July 21, 2013, 11:41 p.m.)
> 
> 
> Review request for KDE Frameworks.
> 
> 
> Description
> -------
> 
> Port away from kde_file.h in AuthInfo (KIO)
> 
> I have tried not to touch much code, but I finally rewrote some parts to make them easier to understand.
> 
> 
> Diffs
> -----
> 
>   staging/kio/src/core/authinfo.h d6415b2f2e9ccec7c3e046f569fb44dbbc879d6b 
>   staging/kio/src/core/authinfo.cpp 65ebacf84e989f19f1b896c596a6b24185c67447 
> 
> Diff: http://git.reviewboard.kde.org/r/111636/diff/
> 
> 
> Testing
> -------
> 
> It builds. I have tested the part of the code not related to loginMap with a little program and .netrc sample files, to check whether it correctly parses the information.
> 
> 
> Thanks,
> 
> David Gil Oliva
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20130726/843c61db/attachment.html>

More information about the Kde-frameworks-devel mailing list