forked from sparkle-project/Sparkle
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- We now correctly handle the case where the containing directory doesn't allow us adding files without authorization (e.g. /Applications). - We do the quarantine release *before* the copy.
- Loading branch information
1 parent
27f2b9c
commit e49a698
Showing
1 changed file
with
37 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
e49a698
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Uli, can you take a look at line 364 and 365 above and let me know if my reasoning for why this should be changed rings true for you? It looks like the case this is handling is where the target file does not yet exist, so for example if we are trying to copy into /Applications/MyApp.app.
The test then for write access is confirming write access for both:
"/Applications"
AND
"/"
It strikes me that in the case where there is no file already there, it should ONLY need to test for write access to the container folder for the file to be created. I suspect the redundant check on the second-level parent is a vestige of copying/modeling on the code that handles the case where the file exists and thus permission for both the file and the containing folder needs to be tested.
The downside to the code as it stands in this commit is if the user DOES have access to the container folder, but DOES NOT have access to the second-level container, Sparkle will erroneously prompt for admin privileges to complete the installation.
AMIRITE? :)