On Mon, Jul 16, 2018 at 3:45 PM Philipp Kern <pk...@debian.org> wrote:

> On 16.07.2018 15:14, Dashamir Hoxha wrote:
> > On Mon, Jul 16, 2018 at 2:16 PM Philipp Kern <pk...@debian.org> wrote:
> >
> >     rather than trying to appeal to authority like Marc - I could have been
> >     wrong -, I will point out that my first point was not actually addressed
> >     at all:
> >
> >     ++ mktemp -d /dev/shm/pw.sh.XXXXXXXXXXXXX
> >     + WORKDIR=/dev/shm/pw.sh.JHasAYH9zwYz1
> >     [...]
> >     + decrypt /home/pkern/.pw/pw.tgz
> >     + local archive=/home/pkern/.pw/pw.tgz
> >     + local 'opts=--quiet --yes --batch '
> >     + [[ -z '' ]]
> >     + gpg2 --quiet --yes --batch --passphrase-fd 0
> >     /home/pkern/.pw/pw.tgz.gpg
> >     + local err=0
> >     + [[ 0 -ne 0 ]]
> >     + tar -xzf /home/pkern/.pw/pw.tgz -C /dev/shm/pw.sh.JHasAYH9zwYz1
> >     + rm -f /home/pkern/.pw/pw.tgz
> >
> >
> > So, you have not looked at the code trying to follow the logic.
>
> Of course I did. Can we stop with the ad hominems and implying that the
> other party is stupid, please?
>
> > You have just tried to debug it. This way you cannot get the full picture.
> > But nevertheless it is useful for finding ways to break the script.
> > By the way, you may notice that *there is* error checking there.
> >
> >     This clearly writes the unencrypted tarball out to disk.
> >
> >
> > It writes to `/dev/shm` which is not disk. It writes to a random
> > temporary directory, so that it cannot be guessed. It removes
> > the unencrypted content as soon as the operation is performed.
> > All this happens almost instantly, it never stays unencrypted
> > for a long time. It is almost the same thing as using a pipe (|).
> > What is wrong here? I have been using it for 2-3 years and
> > never had a problem.
>
> No, it doesn't. /home/pkern/.pw/pw.tgz is not on /dev/shm. If it were a
> pipe, there wouldn't be a problem. But alas, there isn't one and it
> totally isn't the same as using a pipe.
>

You are right. Now I see the problem. I revoke the package request.
I also ask your pardon for any unkind words.

But I still think that this is not a problem of Bash, and no other language
could have done it better. It is my mistake.

Best regards,
Dashamir


>
> Kind regards
> Philipp Kern
>
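The difference discussed in this thread, as an added shell example that is not part of the original messages or of pw.sh: the pattern from the trace writes the plaintext tarball next to the `.gpg` file, while the piped form only ever places plaintext in the work directory. The function names and argument layout are hypothetical; `--decrypt` is the gpg option that sends the plaintext to stdout.

```shell
#!/bin/sh
# Added illustration, not code from pw.sh. Function names are hypothetical.
# Both functions take: $1 = archive path without the .gpg suffix
#                      $2 = work directory (e.g. one created under /dev/shm)
# The passphrase is read from stdin, as in the trace (--passphrase-fd 0).

# Pattern seen in the trace. Without --decrypt or --output, gpg2 writes the
# plaintext to the input name minus ".gpg", i.e. into the archive's own
# directory (in the trace: under /home, not under /dev/shm).
extract_via_file() {
    gpg2 --quiet --yes --batch --passphrase-fd 0 "$1.gpg" || return 1
    tar -xzf "$1" -C "$2"
    # rm only unlinks the name; the plaintext blocks were already written
    # to the filesystem backing $1 and may remain recoverable there.
    rm -f "$1"
}

# Piped form. --decrypt sends the plaintext to stdout, so the unencrypted
# tarball never gets a name on any filesystem. Only the extracted files
# exist, and only inside the work directory.
extract_via_pipe() {
    # If gpg2 fails, tar receives no valid archive and exits non-zero,
    # so the pipeline status still reports the failure.
    gpg2 --quiet --yes --batch --passphrase-fd 0 --decrypt "$1.gpg" \
        | tar -xzf - -C "$2"
}

# Stand-alone use: sh this_file ARCHIVE_WITHOUT_GPG_SUFFIX WORKDIR
if [ "$#" -eq 2 ]; then
    extract_via_pipe "$1" "$2"
fi
```

The work directory still holds extracted plaintext, so it has to live on a memory-backed filesystem and be removed on every exit path, including error exits.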
