> Actually, now that I think about it, I suspect that withTemp is inherently > insecure, based on what I know, if the temp file is created in /tmp. My > understanding is that any use of a filename in /tmp is a bug, and of course > withTemp only allows use of the filename. I don't know all the tricks that > can be used to take advantage of insecure temp file handling, but that's my > understanding. Which is why we don't use /tmp for most of our temp files.
Today I realized that I was actually trying to solve the wrong problem. The issue of where and how to create temporary files is something that might have a better solution. But with the current logic, connecting to a remote repository outside of a local repository should still be able to make a temporary file in $TMPDIR, $DARCS_TMP, or the current directory. Darcs tries to create the temporary file at the top of the root directory. I believe this is because darcs first tries to find a directory somewhere in our current path. The seekPos function keeps changing the directory until it gets back to /, and then returns saying it couldn't find a repository. I believe it'd be better if, when seekPos couldn't find a repository, it restored the directory it started in. I'll try to get a patch together tomorrow. As for tonight, I just got off of work and I have beer to drink and movies to watch. -- Zachary P. Landau <[EMAIL PROTECTED]> GPG: gpg --recv-key 0xC9F82052 | http://divineinvasion.net/kapheine.asc
signature.asc
Description: Digital signature
_______________________________________________ darcs-devel mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-devel
