Direct mode .git/annex/objects directories are no longer left writable

Because that allowed writing to symlinks of files that are not present, which followed the link and put bad content in an object location. fsck: Fix up .git/annex/object directory permissions. This commit was sponsored by an anonymous bitcoin donor.
author: Joey Hess <joey@kitenet.net> 2013-11-15 14:52:03 -0400
committer: Joey Hess <joey@kitenet.net> 2013-11-15 14:52:03 -0400
commit: 454c990ce49af450d3177f2ea9c6132681959078 (patch)
tree: 9c11d10ccac85d646f7c85a1e51b71efc0a7c28a /Annex/Perms.hs
parent: a4ea1393cef234518bfa8dcaeb522259a485b414 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/Annex/Perms.hs b/Annex/Perms.hs
index f5925b741..9ce0fe2a6 100644
--- a/Annex/Perms.hs
+++ b/Annex/Perms.hs
@@ -13,12 +13,14 @@ module Annex.Perms (
 	createContentDir,
 	freezeContentDir,
 	thawContentDir,
+	modifyContent,
 ) where
 
 import Common.Annex
 import Utility.FileMode
 import Git.SharedRepository
 import qualified Annex
+import Annex.Exception
 import Config
 
 import System.Posix.Types
@@ -103,3 +105,13 @@ createContentDir dest = do
 		liftIO $ allowWrite dir
   where
 	dir = parentDir dest
+
+{- Creates the content directory for a file if it doesn't already exist,
+ - or thaws it if it does, then runs an action to modify the file, and
+ - finally, freezes the content directory. -}
+modifyContent :: FilePath -> Annex a -> Annex a
+modifyContent f a = do
+	createContentDir f -- also thaws it
+	v <- tryAnnex a
+	freezeContentDir f
+	either throwAnnex return v
author	Joey Hess <joey@kitenet.net>	2013-11-15 14:52:03 -0400
committer	Joey Hess <joey@kitenet.net>	2013-11-15 14:52:03 -0400
commit	454c990ce49af450d3177f2ea9c6132681959078 (patch)
tree	9c11d10ccac85d646f7c85a1e51b71efc0a7c28a /Annex/Perms.hs
parent	a4ea1393cef234518bfa8dcaeb522259a485b414 (diff)