From a7644fcca13db182cd44378ac1402f17c023e601 Mon Sep 17 00:00:00 2001
From: Sascha Silbe <silbe@activitycentral.com>
Date: Sun, 06 Mar 2011 01:26:35 +0000
Subject: Make sure data store checkouts are read-only

We don't want anyone to be able to alter a file that is inside the data store,
bypassing the API.

Signed-off-by: Sascha Silbe <silbe@activitycentral.com>
Acked-by: Simon Schampijer <simon@laptop.org>
---
diff --git a/src/carquinyol/filestore.py b/src/carquinyol/filestore.py
index 7094310..0b34b69 100644
--- a/src/carquinyol/filestore.py
+++ b/src/carquinyol/filestore.py
@@ -133,14 +133,6 @@ class FileStore(object):
             else:
                 raise
 
-        # Try to make the original file readable. This can fail if the file is
-        # in a FAT filesystem.
-        try:
-            os.chmod(file_path, 0604)
-        except OSError, e:
-            if e.errno != errno.EPERM:
-                raise
-
         return destination_path
 
     def get_file_path(self, uid):
@@ -226,7 +218,7 @@ class AsyncCopy(object):
 
         self.src_fp = os.open(self.src, os.O_RDONLY)
         self.dest_fp = os.open(self.dest, os.O_RDWR | os.O_TRUNC | os.O_CREAT,
-                0644)
+                0444)
 
         stat = os.fstat(self.src_fp)
         self.size = stat[6]
--
cgit v0.9.1