Dave wrote:
> mktemp is being used here to provide randomness in the filename,
> not just a uniqueness.

Ok - useful point.

How about:


> all an attacker has to do is create 65535 symlinks in /usr/tmp

And how about if I removed the tmp files at the top:

        trap 'rm -fr $t.?; trap 0; exit 0' 0 1 2 3 15
        rm -fr $t.?

        ... rest of script ...

How close does that come to providing the same level of safety, while
remaining portable over a wider range of systems, and not requiring that
a separate command be forked?

> I'd suggest fixing your distributions ...

It's not just my distro; it's the distros of all git users.

If apps can avoid depending on inessential details of their
environment, that's friendlier to all concerned.

And actually my distro is fine - it's just that I am running an old
version of it on one of my systems.  Newer versions of the mktemp -t

                  I won't rest till it's the best ...
                  Programmer, Linux Scalability
                  Paul Jackson <[EMAIL PROTECTED]> 1.650.933.1373, 
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to