Re: Finalizing 'inhibit-automatic-native-compilation'

[Andrea Corallo]

Tatsuya Kinoshita <tats@debian.org> writes:

> On 2023-02-17 at 09:42 -0700, Sean Whitton wrote:
>> So: commit ce4a066ed1e fixes Debian bug #1021842 without the env var.
>
> On 2023-02-14 at 11:32 +0000, Andrea Corallo wrote:
>> Stefan Monnier <monnier@iro.umontreal.ca> writes:
>> > `temporary-file-directory' may point to a world-writable directory, so
>> > it's vulnerable to the usual race condition where someone manages to
>> > predict the name of the file you're going to write and places there
>> > a symlink to some "interesting" place, so you end up overwriting some
>> > other file unwittingly.
>> 
>> Okay, ce4a066ed1e generates trampolines in a temporary directory if no
>> other option is viable (using the make-temp-file machinery to generate
>> the unpredictable name).
>
>> +   finally (cl-return
>> +            (expand-file-name
>> +             (make-temp-file-internal (file-name-sans-extension 
>> rel-filename)
>> +                                      0 ".eln" nil)
>> +             temporary-file-directory))))
>
> Hmm, it seems using make-temp-file-internal with DIR-FLAG=0 which just
> constructs a name and do not create the file like make-temp-name, so
> there is a race condition as Stefan mentioned.  Is that really OK?

Mmhh, Stefan mentioned the case where the tmp file name is predicted.

Shouldn't make-temp-file-internal return a non predictable file name?
Otherwise what's the point of using make-temp-file in the first place if
the temporary name is predictable?

  Andrea