> The problem with this change is that we use the current directory for
> security reasons, since it's very hard to safely use the /tmp directory
> when communicating with external programs.

Ah-hah, so that's what my vague memory of potential breakage (and
general nervousness about /tmp) was about.  Thanks for clearing that
up.

If anyone's interested, this was meant to address the problem of
calling a pager in a directory you don't have write permissions for.
For example, if you do darcs --help in /usr/bin (not as root), you
will get an error like this:

 darcs: openFd: permission denied (Permission denied)
trying to create the temp file.

Perhaps for functions like viewDoc, we need something like a
withUnsafeTemp (where unsafe is taken to mean from a security
standpoint). [we may need to also create an unsafe variant of
pipeDoc?]

There are other issues that I don't understand with viewDoc and
view_file.  On Windows, if it does not find less.exe, it just fails,
even though there is code to fall back on more and (for viewDoc),
printing to stdout.  I'm not sure I understand why it doesn't go ahead and
try more under Windows.

-- 
Eric Kow <http://www.nltg.brighton.ac.uk/home/Eric.Kow>
PGP Key ID: 08AC04F9
_______________________________________________
darcs-users mailing list
darcs-users@darcs.net
http://lists.osuosl.org/mailman/listinfo/darcs-users
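
The trade-off discussed in this message, as an added example that is not part of the original message and is not darcs code: a temp file for an external program is created in the current directory first, and only when that fails is it placed in a freshly created owner-only directory under the system temp directory. The function names are hypothetical, and Python's tempfile module stands in for whatever darcs itself would use.

```python
import contextlib
import os
import shutil
import stat
import tempfile


@contextlib.contextmanager
def temp_for_external_program(data: bytes, preferred_dir: str = "."):
    """Yield the path of a private temp file holding `data`.

    Tries preferred_dir first (the current directory by default). If the
    file cannot be created there, falls back to a fresh 0700 directory
    under the system temp dir, so no other user can plant or swap names
    next to the file handed to the external program.
    """
    private_dir = None
    try:
        # mkstemp opens with O_CREAT|O_EXCL and mode 0600: it never
        # follows or reuses an existing name.
        fd, path = tempfile.mkstemp(prefix="pager-", dir=preferred_dir)
    except OSError:
        # e.g. "permission denied" in a directory we cannot write to.
        private_dir = tempfile.mkdtemp(prefix="pager-")  # mode 0700
        fd, path = tempfile.mkstemp(prefix="pager-", dir=private_dir)
    try:
        with os.fdopen(fd, "wb") as handle:
            handle.write(data)
        yield path
    finally:
        with contextlib.suppress(FileNotFoundError):
            os.unlink(path)
        if private_dir is not None:
            shutil.rmtree(private_dir, ignore_errors=True)


def describe(path: str) -> tuple:
    """Return (file mode, parent directory mode) as permission bits."""
    file_mode = stat.S_IMODE(os.stat(path).st_mode)
    dir_mode = stat.S_IMODE(os.stat(os.path.dirname(path)).st_mode)
    return file_mode, dir_mode
```
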
