On Sun, Jul 20, 2008 at 16:01, Bram Moolenaar <[EMAIL PROTECTED]> wrote:
> Jan Minar wrote: >> The configure can just use a fixed file name in the current directory. >> >> Anyway, I have adapted some code from src/auto/configure that will >> work on systems without mktemp(1) -- patch attached. > There probably is a small security hole in this as well. A targeted > symlink attack might work. mktemp() is suppose to use a special open() > call that avoids symlinks and creates the file in a way it can't be > interrupted. I think it's better to rely on mktemp for that reason. > It's not something you can do in a shell. The pipe solution still exists and is secure. According to the POSIX standard, "make -f -" should make make process standard input: http://www.opengroup.org/onlinepubs/009695399/utilities/make.html --~--~---------~--~----~------------~-------~--~----~ You received this message from the "vim_dev" maillist. For more information, visit http://www.vim.org/maillist.php -~----------~----~----~----~------~----~------~--~---
