[Bug 756179] Review Request: aeolus-configserver - The Aeolus Audrey Config Server
bugzilla at redhat.com
bugzilla at redhat.com
Wed Nov 23 13:50:42 UTC 2011
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=756179
--- Comment #3 from Joe VLcek <JVLcek at RedHat.com> 2011-11-23 08:50:41 EST ---
(In reply to comment #2)
> I'll be afk for a while soon, and probably won't be back before 4pm
> (10am your time), but here's some initial feedback:
>
> I noticed that this code uses /tmp/audrey as a "STORAGE_DIR",
>
> src/config.ru:storage_dir = ENV['STORAGE_DIR'] || '/tmp/audrey'
>
> described as:
>
> # Directory where aeolus-configserver stores the instance configrations
>
> First, that's a typo: s/configrations/configurations/
>
> More importantly, I don't see anything that guarantees /tmp/audrey has
> been created by us and that it isn't writable by others.
> Sounds risky to use a hard-coded name like that.
> What if someone else has already created it?
Thank you for you feedback Jim.
I'll address these issue.
I also realized that I had commented out the rake under the %build in
the spec while doing some development. I'll fix that too and post a
new review.
Joe
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list