Hi Dirk,

* Dirk Eddelbuettel <[EMAIL PROTECTED]> [2008-08-25 03:07]:
> I think it is a false positive:
>
>     # test functionality of the compiler
>     javac_works='not present'
>     if test -n "$JAVAC"; then
>         javac_works='not functional'
>         rm -rf /tmp/A.java /tmp/A.class      ## <- note the rm -rf
>         echo "public class A { }" > /tmp/A.java
>         if test -e /tmp/A.java; then
>             if "${JAVAC}" /tmp/A.java >/dev/null; then
>                 if test -e /tmp/A.class; then
>                     javac_works=yes
>                 fi
>             fi
>         fi
>         rm -rf /tmp/A.java /tmp/A.class
>     fi
>
> Right before /tmp/A.* are being used, they are being wiped. No symlink
> attack.
>
> Unless I hear objections, I plan to close this one.

Please don't. There is still a race condition here. The chance is not
that high but it's still possible in theory to create the symlink after
the unlink. Using mktemp shouldn't be a big effort but would solve this
problem.

Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
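
The mktemp approach suggested in the reply, applied to the quoted compiler check; this is an added example, not part of the original mail or of the package's configure script. The function name check_javac and the javac-test.XXXXXX template are assumptions made here.

```shell
#!/bin/sh
# Added example: the javac probe from the quoted fragment, rewritten to work
# in a private directory instead of fixed names under /tmp.
#
# In the quoted version there is a window between "rm -rf /tmp/A.java" and
# "echo ... > /tmp/A.java" in which another local user can recreate the path
# as a symlink; the redirection then writes through it. A fresh mktemp -d
# directory removes the shared, predictable path altogether.

# check_javac COMPILER
# Prints 'not present', 'not functional' or 'yes' (same values as javac_works).
# Intended use:  javac_works=$(check_javac "$JAVAC")
check_javac() {
    javac=$1
    result='not present'
    if test -n "$javac"; then
        result='not functional'
        # mktemp -d creates the directory atomically, with mode 0700 and an
        # unpredictable name, and fails rather than reuse an existing path.
        workdir=$(mktemp -d "${TMPDIR:-/tmp}/javac-test.XXXXXX") || {
            echo "$result"
            return 1
        }
        echo "public class A { }" > "$workdir/A.java"
        # javac writes A.class next to the source file, as in the original.
        if "$javac" "$workdir/A.java" >/dev/null 2>&1 &&
           test -f "$workdir/A.class"; then
            result=yes
        fi
        # Only our own private directory is removed, never a shared path.
        rm -rf "$workdir"
    fi
    echo "$result"
}
```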