Permission denied messages sent to webserver error log during scanning

Charles Dee Rice cdrice at
Sat Dec 13 21:09:47 CET 2014

As a bit of a suggestion/request, I'd like to recommend a setting or option to ignore permission denied errors during scanning (or at least not send them to stderr / the webserver error log). 

For example: 
Error opening directory /some-directory/lost+found: Permission denied (13) 
Error opening directory /some-directory/private-stuff: Permission denied (13) 

Semantics are debatable -- perhaps rather than ignoring any permission denied errors, it is safer to ignore or exclude certain directory names (i.e. lost+found) or some user-defined list, etc. 

I noticed it while setting up my own scanning and thought I would toss the idea out there for discussion if it hasn't come up before.  For my purposes, I just added a check in scan-tree.c:scan_path() to skip the error message if errno == EACCES, but I certainly don't think that would necessarily be the best approach for everyone.

Maybe a cgitrc variable "scan-ignore-errors" to blanket turn off error messages during scans or something more refined like "scan-ignore-regex" to list a series of expressions to omit from scanning?

- Chuck

More information about the CGit mailing list