openerp-india team mailing list archive

["Olivier Dony \(OpenERP\)" <928376@xxxxxxxxxxxxxxxxxx>]

** Summary changed:

- file_open is not safe
+ file_open is not safe and performs too many useless syscalls

** Changed in: openobject-server
   Importance: Undecided => Low

** Changed in: openobject-server
       Status: Incomplete => In Progress

** Changed in: openobject-server
    Milestone: None => 6.1

** Changed in: openobject-server
     Assignee: (unassigned) => OpenERP's Framework R&D (openerp-dev-framework)

-- 
You received this bug notification because you are a member of OpenERP
Indian Team, which is subscribed to OpenERP Server.
https://bugs.launchpad.net/bugs/928376

Title:
  file_open is not safe and performs too many useless syscalls

Status in OpenERP Server:
  In Progress

Bug description:
  It happens with 5.0 and certainly with 6.1 too.

  When you update the list of modules, the application calls:
    tools.file_open(terp_file)

  And file_open will browse all the parents of the "addons_path" for a zip file ... 
  I've added a statement to trace the call to "open()" :

  open('/home/florent/erpdemo/parts/openerp-server/bin/addons/account.zip', 'rb')
  open('/home/florent/erpdemo/parts/openerp-server/bin/addons.zip', 'rb')
  open('/home/florent/erpdemo/parts/openerp-server/bin.zip', 'rb')
  open('/home/florent/erpdemo/parts/openerp-server.zip', 'rb')
  open('/home/florent/erpdemo/parts.zip', 'rb')
  open('/home/florent/erpdemo.zip', 'rb')
  open('/home/florent.zip', 'rb')
  open('/home.zip', 'rb')
  open('/.zip', 'rb')

  This behaviour is seen on module installation or upgrade too.
  It is probably a security issue which impacts performance as well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/openobject-server/+bug/928376/+subscriptions