Rev 2382: Review feedback. in file:///home/robertc/source/baz/hpss-chroot/

Robert Collins robertc at robertcollins.net
Wed Mar 28 06:19:03 BST 2007 

At file:///home/robertc/source/baz/hpss-chroot/

------------------------------------------------------------
revno: 2382
revision-id: robertc at robertcollins.net-20070328051901-x5osh1c7fk75ira8
parent: robertc at robertcollins.net-20070328033235-sph663bdtwynteg9
committer: Robert Collins <robertc at robertcollins.net>
branch nick: hpss-chroot
timestamp: Wed 2007-03-28 15:19:01 +1000
message:
  Review feedback.
modified:
  NEWS                           NEWS-20050323055033-4e00b5db738777ff
  bzrlib/transport/chroot.py     chroot.py-20061011104729-0us9mgm97z378vnt-1
  bzrlib/transport/http/wsgi.py  wsgi.py-20061005091552-rz8pva0olkxv0sd8-2
=== modified file 'NEWS'
--- a/NEWS	2007-03-28 03:02:32 +0000
+++ b/NEWS	2007-03-28 05:19:01 +0000
@@ -5,8 +5,10 @@
     * bzrlib API compatability with 0.8 has been dropped, cleaning up some
       code paths. (Robert Collins)
 
-    * Rewritten chroot transport that prevents accidental chroot escapes when
-      using urlutils against the transport's url.
+    * Change the format of chroot urls so that they can be safely manipulated
+      by generic url utilities without causing the resulting urls to have
+      escaped the chroot. A side effect of this is that creating a chroot
+      requires an explicit action using a ChrootServer.
       (Robert Collins, Andrew Bennetts)
 
   TESTING:

=== modified file 'bzrlib/transport/chroot.py'
--- a/bzrlib/transport/chroot.py	2007-03-28 03:32:35 +0000
+++ b/bzrlib/transport/chroot.py	2007-03-28 05:19:01 +0000
@@ -32,7 +32,14 @@
 
 
 class ChrootServer(Server):
-    """Server for chroot transports."""
+    """User space 'chroot' facility.
+    
+    The server's get_url returns the url for a chroot transport mapped to the
+    backing transport. The url is of the form chroot-xxx:/// so parent
+    directories of the backing transport are not visible. The chroot url will
+    not allow '..' sequences to result in requests to the chroot affecting
+    directories outside the backing transport.
+    """
 
     def __init__(self, backing_transport):
         self.backing_transport = backing_transport
@@ -53,6 +60,10 @@
 
 
 class ChrootTransport(Transport):
+    """A ChrootTransport.
+
+    Please see ChrootServer for details.
+    """
 
     def __init__(self, server, base):
         self.server = server

=== modified file 'bzrlib/transport/http/wsgi.py'
--- a/bzrlib/transport/http/wsgi.py	2007-03-28 03:02:32 +0000
+++ b/bzrlib/transport/http/wsgi.py	2007-03-28 05:19:01 +0000
@@ -99,7 +99,7 @@
         self.backing_transport = get_transport(self.chroot_server.get_url())
         # While the chroot server can technically be torn down at this point,
         # as all it does is remove the scheme registration from transport's 
-        # protocol dictionary, we dont *just in case* there are parts of 
+        # protocol dictionary, we don't *just in case* there are parts of 
         # bzrlib that will invoke 'get_transport' on urls rather than cloning
         # around the existing transport.
         #self.chroot_server.tearDown()

More information about the bazaar-commits mailing list