|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
On 08/17/2010 03:40 PM, sean finney wrote:
On Sat, Aug 14, 2010 at 03:30:15PM -0400, JP Vossen wrote:
Date: Sat, 14 Aug 2010 00:00:14 -0400
From: Gordon Dexter<gordon@texasdex.com>
rm -rf $TMPDIR/snap_*
Watch out for that kind of thing. This one is OK, but guess what
happens if:
unset TMPDIR
rm -rf $TMPDIR/*
this is a great use case for "set -u" btw :)
My gentoo dev hat jumped off my head. Another thing to be sure to do is
to quote variables like that - for all you know TMPDIR contains a space.
Fortunately on Gentoo these kinds of scripts on ebuilds tend to run in
a sandbox, and often with reduced privs, so usually something like this
will just cause an error or an improper install and a broken package
(which can still be cleaned up by removing it, as the actual installed
files are still correctly tracked by the PM).
I'd be really nervous about anything remotely like this in a script that
runs outside of a sandbox, or with root privs.
Rich
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|