On Thu, Nov 16, 2017 at 7:18 AM, Jim Meyering <j...@meyering.net> wrote:
> On Thu, Nov 16, 2017 at 2:37 AM, Bruno Haible <br...@clisp.org> wrote:
>> Paul Eggert wrote:
>>> > + ln -f "$file" "$file~" 2>/dev/null || cp -f "$file" "$file~" || {
>>>
>>> This will be problematic if the destination already exists, as the
>>> resulting permissions etc. may not be what the user intend. How about if
>>> we fall back on "mv -f" instead? Although this has the disadvantage of
>>> having a small window where "$file" does not exist, I think that's
>>> preferable to the disadvantage of using "cp".
P.S., thanks to both of you for the reviews and suggestions.
FYI, I've also pushed this:
From 9bb77d617a2fb499a6d133d4f2a4c33dc0df8a8a Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyer...@fb.com>
Date: Wed, 15 Nov 2017 08:49:01 -0800
Subject: build: make each generated script unwritable
* Makefile.am (.in): Ensure that each generated script is unwritable.
This makes it less likely that someone (even me) will mistakenly
modify one of those generated files.
---
Makefile.am | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 6e5bb0f..f342808 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -80,12 +80,13 @@ gzip.doc.gz: gzip.doc $(bin_PROGRAMS)
SUFFIXES = .in
.in:
- $(AM_V_GEN)sed \
+ $(AM_V_GEN)rm -f $@-t $@ \
+ && sed \
-e 's|/bin/sh|$(SHELL)|g' \
-e 's|[@]GREP@|$(GREP)|g' \
-e 's|[@]VERSION@|$(VERSION)|g' \
$(srcdir)/$@.in >$@-t \
- && chmod a+x $@-t \
+ && chmod a=rx $@-t \
&& mv $@-t $@
# Arrange so that .tarball-version appears only in the distribution
--
2.13.5
