bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "here strings" and tmpfiles


From: Chet Ramey
Subject: Re: "here strings" and tmpfiles
Date: Fri, 22 Mar 2019 10:21:12 -0400
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.5.3

On 3/20/19 7:36 AM, Daniel Kahn Gillmor wrote:
> On Tue 2019-03-19 09:31:55 -0400, Greg Wooledge wrote:
>> There are scripts that *rely* on the seekability of the temporary files
>> created by here-documents and here-strings.  "Improving" the "situation"
>> would break backward compatibility.
> 
> i hope you noticed that of my suggested improvements, only one of them
> (a) breaks seekability.  Do you have a preference among the other
> proposals?  I'm partial to memfd_create(2) on platforms that support it,
> though i'm not sure how to turn that file descriptor into O_RDONLY
> before the exec.

I can't see one by looking at the man page on the web, but I don't have
ready access to a system that implements memfd_create.


>> There is simply NO valid reason to write <<<"$secret" in a script, and
>> thus there is no need to "improve" anything other than the scripts
>> that are doing that.  Use a pipe instead.
> 
> Not all tools take their secret inputs on stdin.  indeed, some are
> explicitly designed to accept special values on other file descriptors.
> 
> How do you replicate 3<<<"$secret" with a pipeline?

This is the kind of thing process substitution is good for.

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    address@hidden    http://tiswww.cwru.edu/~chet/

Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]