mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

comment

Browse source
This commit is contained in:
Joey Hess 2023-01-17 13:08:49 -04:00
parent be6aec3100
commit eb5b072e2e
No known key found for this signature in database
GPG key ID: DB12DB0FF05F8F38
1 changed files with 22 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
doc/bugs/annex_add_freezes_before_moving__58___stopped_working/comment_3_db0070d2b601e66aca3059248cc24bbb._comment Normal file
View file

@ -0,0 +1,22 @@
[[!comment format=mdwn
username="joey"
subject="""comment 3"""
date="2023-01-17T16:59:22Z"
content="""
On the idea of only removing the write permissions before checksumming and
running the freeze hook later, it occurs to me that on some systems, write
perms are inneffective, but the freeze hook is able to more effectively
prevent writing.
Actually, the immutable bit on linux is a good example of this. If a
process has the file open for write when `git-annex add` is run, removing
the write bit will not prevent modifications to the file happening during
checksumming. But `chattr +i` actually causes further writes to that handle
to fail with EPERM. So if someone is able to use chattr and sets up a hook,
they get better prevention of an unlikely but possible scenario, where
a write to a file done during checksumming is not detectable by git-annex.
(Unlikely because the file mtime also has to get reset back to what it was
before, and the file size can't change. A process would have to really
go out of its way to defeat git-annex, but still one *could*.)
"""]]