On Tue 2019-03-19 09:31:55 -0400, Greg Wooledge wrote: > There are scripts that *rely* on the seekability of the temporary files > created by here-documents and here-strings. "Improving" the "situation" > would break backward compatibility.
i hope you noticed that of my suggested improvements, only one of them
(a) breaks seekability. Do you have a preference among the other
proposals? I'm partial to memfd_create(2) on platforms that support it,
though i'm not sure how to turn that file descriptor into O_RDONLY
before the exec.
> There is simply NO valid reason to write <<<"$secret" in a script, and
> thus there is no need to "improve" anything other than the scripts
> that are doing that. Use a pipe instead.
Not all tools take their secret inputs on stdin. indeed, some are
explicitly designed to accept special values on other file descriptors.
How do you replicate 3<<<"$secret" with a pipeline?
Thanks for helping to think this through!
Regards,
--dkg
signature.asc
Description: PGP signature
