[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#6925: strange behavior of mktemp (GNU coreutils) 7.4, Ubuntu 10.04)
|
From: |
Eric Blake |
|
Subject: |
bug#6925: strange behavior of mktemp (GNU coreutils) 7.4, Ubuntu 10.04) |
|
Date: |
Fri, 27 Aug 2010 10:53:24 -0600 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.8) Gecko/20100806 Fedora/3.1.2-1.fc13 Mnenhy/0.8.3 Thunderbird/3.1.2 |
On 08/27/2010 07:08 AM, master atomknuseren wrote:
When I invoke mktemp in a script as:
#!/bin/bash
DIR=$( mktemp||exit 1 )
cd $DIR
echo $?
I receive an error like:
--
can't cd to /tmp/tmp.68rHO2a3jc
Thanks for the report. However, this is not a bug.
If you want mktemp to create a directory instead of a file, you must use
the -d option. As written, you created a file, which means of course cd
will fail because it is not a directory.
My primitive workaround is to recreate $DIR as in:
#!/bin/bash
DIR=$( mktemp||exit 1 )
rm -r -f $DIR
mkdir -p $DIR
Heavens no. This introduces a data race that exposes you to the very
bug that you are trying to avoid by using mktemp in the first place -
namely, a window where an attacker can spot the filename you are using
and inject a rogue file in it's place in the time where the file does
not exist.
Rather, by using DIR=$(mktemp -d), you are guaranteed to have a
directory or a failure, without having to call mkdir -p after the fact.
By the way, the ||exit 1 in your command substitution is pointless.
--
Eric Blake address@hidden +1-801-349-2682
Libvirt virtualization library http://libvirt.org