On 7/7/07, M.Canales.es <[EMAIL PROTECTED]> wrote:
>
> They are placed in the /tmp dir, thus theoreticaly deleted after each reboot.
> And they are overwritten when running againg the target, thus there is no
> need to worry if someone altered they.
>
> That files could be deleted by the Makefile, but I don't see the need to do it
> and could help to track rendering issues.
>
> Actualy I was thinking on make the /tmp directory configurable via a makefile
> envar (like V=1 is for verbose output) to allow the user to select where to
> place that temporaly files.
I think it would be best if they were both cleaned up and made
configurable. First one is just good practice. No one likes when a
process doesn't clean up after itself. Potentially, there could just
be a clean target.
clean:
rm -f
/tmp/{blfs-full.xml,blfs-html.xml,blfs-patches,blfs-patch-list,blfs-pdf.fo,blfs-pdf.xml}
Second, creating files in /tmp can lead to symlink attacks. What if
some malicious person did this ahead of time?
$ ln -s /etc/shadow /tmp/blfs-full.xml
Probably nothing unless I happen to validate as root. Two
alternatives. Just have TMPDIR = /tmp and let people change it if they
want to be safe. Or, have TMPDIR = $(shell mktemp -d).
--
Dan
--
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
