On 25 August 2008 at 04:11, Nico Golde wrote:
| Hi Dirk,
| * Dirk Eddelbuettel <[EMAIL PROTECTED]> [2008-08-25 03:07]:
| > I think it is a false positive:
| >
| > # test functionality of the compiler
| > javac_works='not present'
| > if test -n "$JAVAC"; then
| > javac_works='not functional'
| > rm -rf /tmp/A.java /tmp/A.class ## <- note the rm -rf
| > echo "public class A { }" > /tmp/A.java
| > if test -e /tmp/A.java; then
| > if "${JAVAC}" /tmp/A.java >/dev/null; then
| > if test -e /tmp/A.class; then
| > javac_works=yes
| > fi
| > fi
| > fi
| > rm -rf /tmp/A.java /tmp/A.class
| > fi
| >
| > Right before /tmp/A.* are being used, they are being wiped. No symlink
| > attack.
| >
| > Unless I hear objections, I plan to close this one.
|
| Please don't. There is still a race condition here. The
| chance is not that high but it's still possible in theory to
| create the symlink after the unlink. Using mktemp shouldn't
| be a big effort but solve this problem.
Right. Stephen said so too. Trouble is that we then accumulate yet another
Debian-only patch... Oh well.
So something like
# test functionality of the compiler
javac_works='not present'
if test -n "$JAVAC"; then
javac_works='not functional'
#rm -rf /tmp/A.java /tmp/A.class
tempdir=`mktemp -d`
echo "public class A { }" > ${tempdir}/A.java
if test -e ${tempdir}/A.java; then
if "${JAVAC}" ${tempdir}/A.java >/dev/null; then
if test -e ${tempdir}/A.class; then
javac_works=yes
fi
fi
fi
#rm -rf /tmp/A.java /tmp/A.class
rm -rf ${tempdir}
fi
should do, right?
Dirk
--
Three out of two people have difficulties with fractions.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
