Pijul only writes it on Linux. This comes from a deep frustration with Darcs not storing the exec bit on scripts, why do you say it leaks sensitive information?
The exec bit for the user is fine and very frustrating not to have, I agree!
I only heard that there was some security reason behind that decision in Git and Hg, but am failing to see a profound security issue. It’s more of an annoying (and useless) information because your group is not the same as my group, so these permissions are meaningless in a distributed environment.
Maybe I’ll get an answer about the (potential) security aspect of it from someone else.
66BPBWJ3NI3BACFUZ5YFK7IRX3OYLMZBXBC6GHNWHTLCATEWBU5QC
VX5K3FSNORCD3GHVBWF3AKAD37MHRFDATDGGXTNXK42FTAUUOKUAC
Done! I remembered another issue I had with Darcs where I needed the group permissions, but I believe that just not resetting the permissions on the remote would have been enough in my case. You and Pierre-Yves convinced me that the group (and “others”) is indeed not a very meaningful thing to keep.
Sorry for re-opening: I’m failing to see what the use for the r/w permission would be, since the VCS needs r/w anyway to properly operate. Is this a way of allowing people to do a “read only -> read+write -> edit -> read only” dance to manage config files or something similar? This should be a config option IMO, but you might figure otherwise.
No worries about the reopening. There is no real need for the r/w permissions, but they don’t hurt and people are used to displaying the mode bits. But maybe +x
and -x
in the text format would be preferable? What do you think?
Also, I unrecorded my change from the main channel because it seems to break my repository for some very strange reason.
I wouldn’t recommend storing “apparently useless” information. Unless someone formulates a need for them, they are just noise in the data at least, and at most an annoyance (if someone were to send patches setting files to read-only because they felt like it). The executable and symlink information (which AFAIKT Pijul does not yet support) are very useful, so displaying those sounds good.
Also, I unrecorded my change from the main channel because it seems to break my repository for some very strange reason.
Huh, weird.
X243Z3Y54ULINQMMRIKLHRV5T237B7VUOAHVJ7DMPOQ6A6GQXY2AC
I’ve changed the text format to make it more readable, now that we only care about two bits. The “directory bit” implies the “executable/browsable bit”.
Also, symbolic links aren’t really supported at the moment, but the format is forward-compatible. The reason it isn’t supported is that I want symlinks to commute with moves of the target, and I’d rather debug the semi-usable system we have now before adding features.
I’ll close this, feel free to reopen if you’re unhappy with the resulting change.
Aside from the user exec bit (which does not exist on all platforms, but maybe on all that Pijul supports?) which is valuable information and does not divulge security-sensitive information, and the symlink bit, we should not be recording information about permissions.