Dave wrote:
> mktemp is being used here to provide randomness in the filename,
> not just a uniqueness.

Ok - useful point.  How about:

    t=${TMPDIR:-/usr/tmp}/gitdiff.$$.$RANDOM

> all an attacker has to do is create 65535 symlinks in /usr/tmp

And how about if I removed the tmp files at the top:

    t=${TMPDIR:-/usr/tmp}/gitdiff.$$.$RANDOM
    trap 'rm -fr $t.?; trap 0; exit 0' 0 1 2 3 15
    rm -fr $t.?

    ... rest of script ...

How close does that come to providing the same level of safety, while
remaining portable over a wider range of systems, and not requiring that
a separate command be forked?

> I'd suggest fixing your distributions ...

It's not just my distro; it's the distros of all git users.  If apps
can avoid depending on inessential details of their environment, that's
friendlier to all concerned.

And actually my distro is fine - it's just that I am running an old
version of it on one of my systems.  Newer versions of the mktemp -t
option.

-- 
                  I won't rest till it's the best ...
                  Programmer, Linux Scalability
                  Paul Jackson <[EMAIL PROTECTED]> 1.650.933.1373, 1.925.600.0401
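
Added example, not part of the original message or of the git scripts: a sandboxed comparison of the remove-then-write pattern asked about above with exclusive creation through the shell's noclobber option, which also forks no separate command. The function names, the hook argument and the sample file contents are assumptions made for the illustration.

```sh
#!/bin/sh
# Added illustration; function and file names are hypothetical.

# Create "$1" only if nothing exists at that path, symlinks included.
# Under noclobber (set -C) the shell refuses to overwrite an existing file
# and creates new ones with O_EXCL, so a symlink already sitting at the
# path makes the redirection fail instead of being followed.
# The subshell keeps set -C and umask from leaking into the caller.
safe_create() {
    ( umask 077; set -C; : > "$1" ) 2>/dev/null
}

# The pattern under discussion: rm the path, then write to it later with
# a plain '>'. "$2" is a hook that runs inside the window between the two.
rm_then_write() {
    rm -f "$1"
    "$2"
    echo "diff output" > "$1"
}

# Constructed sandbox: a private directory stands in for a shared /usr/tmp.
demo() {
    box=${TMPDIR:-/tmp}/tmpdemo.$$
    ( umask 077; mkdir "$box" ) || return 2   # mkdir fails on any existing path
    victim=$box/victim
    t=$box/gitdiff.$$.0
    echo "precious" > "$victim"

    # Constructed stand-in for a symlink appearing at $t after the rm.
    plant() { ln -s "$victim" "$t"; }
    rm_then_write "$t" plant
    racy=$(cat "$victim")          # what the plain '>' did to the victim file

    echo "precious" > "$victim"    # reset; the symlink is still at $t
    if safe_create "$t"; then excl=created; else excl=refused; fi
    kept=$(cat "$victim")          # victim content after the exclusive attempt

    rm -rf "$box"
    echo "$racy|$excl|$kept"
}

demo
```

The rm at the top of a script only clears what exists at that instant; the later plain redirection is what follows a link, so the check and the creation have to be the same operation.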