This one time, at band camp, Dirk Eddelbuettel said:
>
> On 25 August 2008 at 01:43, Stephen Gran wrote:
> | This one time, at band camp, Dirk Eddelbuettel said:
> | >
> | > This is the same as the one I just answered for r-base-core-ra as
> | > r-base-core-ra is an extension/specialisation of r-base-core.
> | >
> | > So again:
> | >
> | > # test functionality of the compiler
> | > javac_works='not present'
> | > if test -n "$JAVAC"; then
> | > javac_works='not functional'
> | > rm -rf /tmp/A.java /tmp/A.class
> | > echo "public class A { }" > /tmp/A.java
> | > if test -e /tmp/A.java; then
> | > if "${JAVAC}" /tmp/A.java >/dev/null; then
> | > if test -e /tmp/A.class; then
> | > javac_works=yes
> | > fi
> | > fi
> | > fi
> | > rm -rf /tmp/A.java /tmp/A.class
> | > fi
> | >
> | >
> | > rm just before file creation should prevent any symlink attack vectors,
> no?
> |
> | No.
>
> Allright, so what is a better way? Use of tempfile(1) or mktemp(1) ?Yes, something like that would be better - the current approach leaves a small but exploitable race condition. I have no opinion on whether the race condition matters in practice, of course, but my gut says that the extra effort to use safe coding practices is so small that it's probably worth it. -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
