On Monday 25 May 2009 06:16:16 Santiago Vila wrote: [...] > > checkbashisms' output: > > > possible bashism in ./usr/bin/autopoint line 55 ($RANDOM): > > > tmp=$TMPDIR/gt$$-$RANDOM > > > possible bashism in ./usr/bin/gettextize line 55 ($RANDOM): > > > tmp=$TMPDIR/gt$$-$RANDOM > > Hmm, this works fine when sh is not bash, using bash just gives an > extra of randomness.
And not using bash exposes autopoint and gettextize to symlink attacks. In this case mktemp should be the right solution: it handles $TMPDIR, it is random, and ensures uniqueness. > What do we call a "bashism", exactly? Is it something which does not > work when sh is dash? In such case this is not a bashism. For the pourpose of this release goal: any feature not required by policy and not implemented by dash. Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
