1 |
W dniu sob, 28.10.2017 o godzinie 15∶46 +0200, użytkownik Ulrich Mueller |
2 |
napisał: |
3 |
> > > > > > On Sat, 28 Oct 2017, Michał Górny wrote: |
4 |
> > W dniu sob, 28.10.2017 o godzinie 14∶49 +0200, użytkownik Ulrich Mueller |
5 |
> > napisał: |
6 |
> > > Other tools like "find" don't special-case dot-prefixed files |
7 |
> > > though (in fact, "ls" may well be the exception there). |
8 |
> > > |
9 |
> > > Implicit ignores only create an unnecessary attack surface. Better |
10 |
> > > make them explicit, even if this will require adding some entries |
11 |
> > > for common cases (like .git in the top-level dir). |
12 |
> > I dare say it's not an attack surface if tools are explicitly |
13 |
> > directed not to use those files. |
14 |
> |
15 |
> For example, an ebuild can apply all patches from a given directory. |
16 |
> We certainly don't want any unaccounted dot-prefixed files being |
17 |
> injected there. (And yes, globbing shouldn't normally match such |
18 |
> files, but there's at least one eclass setting the dotglob option.) |
19 |
|
20 |
I think that's a really poor argument. |
21 |
|
22 |
Firstly, the mentioned eclass does it for one command call, and it |
23 |
doesn't go anywhere near the repository. So no, that doesn't count. |
24 |
|
25 |
Secondly, someone being able to theoretically cut himself with a spoon |
26 |
if he only sharpened its edge is no reason to forbid people from having |
27 |
spoons without explicitly written permission. |
28 |
|
29 |
> > The problem is, you can't predict all possible dotfiles and even if |
30 |
> > you do, you're effectively blocking the user from creating any files |
31 |
> > for his own use. |
32 |
> |
33 |
> Create files for their own use in random locations in the Gentoo |
34 |
> repository? Why would anyone want to do that? |
35 |
|
36 |
.DS_Store? ;-) |
37 |
|
38 |
> > Say, if user wanted to use git on top of rsync for his own purposes, |
39 |
> > why would you prevent him from doing that? |
40 |
> |
41 |
> As I said before, top-level .git should have an explicit IGNORE entry. |
42 |
|
43 |
Are we going to supply explicit IGNORE entries for any VCS anyone might |
44 |
choose to use? Or backup software and any other weird thing? |
45 |
|
46 |
> IMHO we should rather stay on the safe side there, unless someone will |
47 |
> speak up who has a concrete workflow where such dot-prefixed files |
48 |
> with unpredictable names are needed. |
49 |
|
50 |
I've already mentioned two. The first one were cheap union filesystems |
51 |
based on FUSE where I'm pretty sure I've seen random dotfiles. |
52 |
|
53 |
-- |
54 |
Best regards, |
55 |
Michał Górny |