|Richard Freeman on 17 Aug 2010 13:10:31 -0700|
On 08/17/2010 03:40 PM, sean finney wrote:
On Sat, Aug 14, 2010 at 03:30:15PM -0400, JP Vossen wrote:Date: Sat, 14 Aug 2010 00:00:14 -0400 From: Gordon Dexter<email@example.com> rm -rf $TMPDIR/snap_*Watch out for that kind of thing. This one is OK, but guess what happens if: unset TMPDIR rm -rf $TMPDIR/*this is a great use case for "set -u" btw :)
My gentoo dev hat jumped off my head. Another thing to be sure to do is to quote variables like that - for all you know TMPDIR contains a space. Fortunately on Gentoo these kinds of scripts on ebuilds tend to run in a sandbox, and often with reduced privs, so usually something like this will just cause an error or an improper install and a broken package (which can still be cleaned up by removing it, as the actual installed files are still correctly tracked by the PM).
I'd be really nervous about anything remotely like this in a script that runs outside of a sandbox, or with root privs.
Rich ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug