-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Michael_E_Brown(a)Dell.com wrote:
Recommend:
do_elevated()
do_asuser()
To ensure that all calls are easy-to-audit. The elevate() and drop()
calls should be properly bracketed with a try/finally so that exceptions
do not interfere with dropping privs.
So essentially we won't call "do" directly from a command anymore,
we'll call do_<how> and that's where we'll elevate (or not)? Yeah, I
can go with that. And yes, a try/finally was on the agenda...
Along these lines, I also thought that the mount()/umount() code would
be best if it were pushed into the do() function.
I haven't looked at that, so have no opinion. I'll look at it while
I'm working on the above.
As for the new mock, I would say patch format to the list is best
for
small changes.
I'm on the fence as to whether this is a small to change to mock.py.
Tell you what, I'll add the do_elevated and do_asuser wrappers, put
that in place and send a diff. If it's too messy I can always send the
source.
Clark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org
iD8DBQFEkZ1NHyuj/+TTEp0RAitWAJ9ygZUOa5JcpAjY9KLoXIkDYK1uygCeOR5p
8J8UdDJxuzzVT0tSuutxRm8=
=sbdx
-----END PGP SIGNATURE-----