Zack Weinberg <[EMAIL PROTECTED]> writes: > The interface looks sound to me with one exception: it's not safe to > conflate !-pipe with -save-temps, because that opens up the > possibility of a tempfile race -- if an attacker sees that the > compiler is producing /tmp/ccQWERTY.s, then they should not be able to > predict that the assembler will produce /tmp/ccQWERTY.o.
It is not necessarily obvious, but on a system which supports pipes you will only get temporary files if you explicitly request them via PEX_SAVE_TEMPS. If you don't use PEX_SAVE_TEMPS, then the code will always use pipes for communication. If you do use PEX_SAVE_TEMPS, then the caller provides the base name and the suffix, and the caller is responsible for making good choices. The weasel words about using temporary files when PEX_SAVE_TEMPS is not set is for systems which do not support pipes. > Also, why the parentheses around the numbers? Habit. Ian
