From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 23981 invoked by alias); 8 Jan 2015 14:11:09 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: X-Seq: 34169 Received: (qmail 19448 invoked from network); 8 Jan 2015 14:11:06 -0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on f.primenet.com.au X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.2 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= daniel.shahaf.name; h=x-sasl-enc:date:from:to:cc:subject :message-id:references:mime-version:content-type:in-reply-to; s= mesmtp; bh=nvwCJY73AVRihrMS3cp2wE/Z3BY=; b=wKHqgYAXrZ2pxCyY6A1R8 LxNO1TfSKHTUrTtkgQGWOav1CbrKkc+nvJlk4GHeWm6v+G4JVoahElq4bEiTtyCj O4WeLsXk7AynjjScuXcUH8QOOoxntuPySCHZYz+rmtOeHqYM4L/xx4uRxXR0woBA P/THyy/7HXlXXxOMO4NW24= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=x-sasl-enc:date:from:to:cc:subject :message-id:references:mime-version:content-type:in-reply-to; s= smtpout; bh=nvwCJY73AVRihrMS3cp2wE/Z3BY=; b=qkXI5u29/qWV9gCuf8k7 YDBAKeIrrtCAPPSxZTNPK35v1ehRpD1Xt/C1EsRFrSQ7YkNmPXh/yp/iUfton7ZI y/PqZVEJxnKsaGcJTo9zh6/MZy19TZO3mTUAxuR5cfij23ESZiIMYiqSjys+4NQk iPr3e5xwn8QsmXf7u1fWOxA= X-Sasl-enc: IRuWBO5dp9YwYMBVo2Iin4Xu1qHUVmlM32ulvQx1L+Qk 1420726264 Date: Thu, 8 Jan 2015 14:10:59 +0000 From: Daniel Shahaf To: Bart Schaefer Cc: Zsh hackers list Subject: Re: [PATCH] Re: Insecure tempfile creation Message-ID: <20150108141059.GA1767@tarsus.local2> References: <20141222203624.GA24855@tarsus.local2> <141227223029.ZM15959@torch.brasslantern.com> <141227234421.ZM16038@torch.brasslantern.com> <141228004101.ZM28486@torch.brasslantern.com> <20141229004957.GA1737@tarsus.local2> <141228200142.ZM22840@torch.brasslantern.com> <20150107220345.GE1714@tarsus.local2> <20150108064816.GA17816@lorien.comfychair.org> <150108000821.ZM7996@torch.brasslantern.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <150108000821.ZM7996@torch.brasslantern.com> User-Agent: Mutt/1.5.21 (2010-09-15) Bart Schaefer wrote on Thu, Jan 08, 2015 at 00:08:21 -0800: > On Jan 7, 10:48pm, Danek Duvall wrote: > } Subject: Re: [PATCH] Re: Insecure tempfile creation > } > } On Wed, Jan 07, 2015 at 10:22:20PM -0800, Bart Schaefer wrote: > } > } > On Wed, Jan 7, 2015 at 2:03 PM, Daniel Shahaf wrote: > } > > Coming back to this, it has occurred to me that > } > > > } > > mv -f =(:) ${TMPPREFIX:-/tmp/zsh}foo$$ > } > > > } > > } > Hmm. Yup, we need "ln -Fh" instead of "mv -f". Are the -F and -h > } > options of "ln" fairly standard? > } > } Neither exists on Solaris ln. GNU coreutils ln doesn't seem to have -h, > } either. And -F just seems like a bad idea, supported or not. > > -F on MacOS (where I was reading the manual) is like -f in coreutils, > not like -F in coreutils (sigh). And -h is --no-dereference. > So, for clarity, the flags you proposed mean "overwrite destination if existing" and "if destination is symlink, don't dereference it". > Fortunately, we have the zsh/files module which provides a buitin "ln" > with well-defined semantics. Hopefully that's good enough. Another option: add a builtin that wraps the rename(2) syscall, and then use: zrename =(<<<'') ${TMPPREFIX:-/tmp/zsh}foo$$