Homec4science
Diffusion Phabricator ab20f243b341

Improve consistency of file access policies, particularly for LFS
ab20f243b341
Actions

Authored by epriestley <git@epriestley.com> on Apr 22 2016, 13:40.

Description

Improve consistency of file access policies, particularly for LFS

Summary:
Ref T7789. Currently, we use different viewers if you have security.alternate-file-domain configured vs if you do not.

This is largely residual from the days of one-time-tokens, and can cause messy configuration-dependent bugs like the one in T7789#172057.

Instead, always use the omnipotent viewer. Knowledge of the secret key alone is sufficient to access a file.

Test Plan:

  • Disabled security.alternate-file-domain.
  • Reproduced an issue similar to the one described on T7789.
  • Applied change.
  • Clean LFS interaction.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7789

Differential Revision: https://secure.phabricator.com/D15784

Details

Committed
epriestley <git@epriestley.com>Apr 22 2016, 17:12
Pushed
aubortJan 31 2017, 17:16
Parents
rPH711f13660e54: Synchronize working copies before doing a "bypassCache" commit read
Branches
Unknown
Tags
Unknown

Event Timeline

epriestley <git@epriestley.com> committed rPHab20f243b341: Improve consistency of file access policies, particularly for LFS (authored by epriestley <git@epriestley.com>).Apr 22 2016, 17:12

Changes (1)

Path
Msrc/applications/files/controller/PhabricatorFileDataController.php

rPHab20f243b341

View Options

src/applications/files/controller/PhabricatorFileDataController.php

Loading...
c4science ยท Help