-
-
Notifications
You must be signed in to change notification settings - Fork 264
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Separate list formatting utility functions. #541
base: master
Are you sure you want to change the base?
Separate list formatting utility functions. #541
Conversation
Mmm... I see where you're coming from. This must be evaluated carefully, also because I already have a refactoring in mind for those 2 methods, as I plan to introduce the usage of |
Interesting, and makes sense. Does this mean pyftpdlib will just report some defaults for nlinks, mtime, user and group? Those all still need a It should still be possible to negotiate a signature for these formatting functions though, with most parameters optional. |
Not sure what you mean by “defaults”. From os.scandir() you can get the same info you get from os.stat(), so there should be no differences (except the code will be reorganized differently). And yes, we can probably split that by introducing 2 new methods which “format” the individual files/names as you did here. You are providing them as module functions, but I think it makes more sense to have them as methods of the fs class instead. |
I'm probably missing the picture of how you intend to rewrite |
Looking back at your original message:
I see your point. The fact is that |
My goal is that I want a FS object that definitely doesn't have any code that accesses the real filesystem, for security. I think the best way to do that, and to ensure it never accesses the filesystem if pyftpdlib code changes, is to write an FS class with no superclass. Like If I declare the class like So, this is the problem with having I don't think the use of |
This separates the output-formatting parts of
AbstractedFS.format_list()
andAbstractedFS.format_mlsx()
into utility functions, which makes it easier to create a filesystem object without inheriting fromAbstractedFS
.My use case is that I'm creating a FTP server which accesses data from bittorrent, downloaded on-the-fly. I don't want there to be any way to access the server's filesystem via the FTP server, except via the bittorrent abstraction.
Currently to do this, I have two options:
AbstractedFS
(1) has a security disadvantage. Even if I override every method from
AbstractedFS
today, the authors may write a new method onAbstractedFS
in the future whose default implementation accesses the filesystem, like all the other default implementations do today, and this may provide unintentional access to the filesystem.(2) currently has an implementation disadvantage, due to the
format_list()
andformat_mlsx()
methods. They produce output that is carefully crafted for compatibility. Unfortunately their implementations are tightly coupled to being member methods ofAbstractedFS
, so if I do option (2) I can't reuse this code and must copy it. This means my code won't benefit from any future refinements made by pyftpdlib.I understand the other disadvantage of (2) is that if pyftpdlib adds new required methods to AbstractedFS my app may break, but I prefer this to the security disadvantage of (1).
This change makes (2) more feasible by making the compatibility semantics of the
format_*()
methods reusable.