On 31-10-14 12:35, Dominik George wrote: > >>> I think this patch doesn't work when installing a new package (it does >>> work on upgrades). So I think the two added lines need to be within an >>> 'if [ -e "$outputfile" ] ; then' statement. >> I figured that and re-created the patch - apparently, I uploaded the old one >> :(. >> > > Turns out it is not enough either. > > Attached is (the only) working patch, which leaves anything but the > contents of any existing file intact. > > DO NOT UPLOAD the previous patch, as it indeed breaks another code flow.
Very interesting, as this is exactly something that I came up with as an alternative, indeed to prevent issues were e.g. the maintainer had made the configuration file a symlink. I was wondering though, if that would not leave a very short time where the file may have too little permission restrictions. mktemp is supposed to be secure, catting into a yet non-existing file may not. Paul
signature.asc
Description: OpenPGP digital signature