[tahoe-dev] Twisted dropin.cache warnings

[David-Sarah Hopwood]

On 2011-01-29 17:15, Zooko O'Whielacronx wrote:
>> The tests were apparently trying to write a file into the installed
>> version of twisted, which (correctly) failed with EPERM.
> 
> This sounds suspiciously like:
> 
> http://twistedmatrix.com/trac/wiki/FrequentlyAskedQuestions#WhydoIgetaPermissiondeniederrortryingtowrite...site-packagestwistedpluginsdropin.cache.newwhenIusetwistdortrialorsomeotherTwistedprogram

The FAQ entry says:

# However, when a Twisted installation is used by processes without write
# permission to it (as is commonly the case for a site-wide installation),
# if this cache file is not up to date, attempts to rewrite it will result
# in this error. The solution is for the administrator (whoever performed
# the site install) to generate the cache.

This seems wrong. Suppose for the sake of argument that the process had
had permission to write to the cache. Just because it can do so, doesn't mean
that it *should* write into a shared installation. For a process operating
on behalf of a particular user to even *attempt* to write to a cache that is
shared between users, is a potential confused deputy error. Twisted should
not be relying on file permissions to avoid making that error.

-- 
David-Sarah Hopwood  ⚥  http://davidsarah.livejournal.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20110130/75ad2dbe/attachment.pgp>