Re: "here strings" and tmpfiles

[Chet Ramey]

On 3/20/19 7:36 AM, Daniel Kahn Gillmor wrote:
> On Tue 2019-03-19 09:31:55 -0400, Greg Wooledge wrote:
>> There are scripts that *rely* on the seekability of the temporary files
>> created by here-documents and here-strings.  "Improving" the "situation"
>> would break backward compatibility.
> 
> i hope you noticed that of my suggested improvements, only one of them
> (a) breaks seekability.  Do you have a preference among the other
> proposals?  I'm partial to memfd_create(2) on platforms that support it,
> though i'm not sure how to turn that file descriptor into O_RDONLY
> before the exec.

I can't see one by looking at the man page on the web, but I don't have
ready access to a system that implements memfd_create.


>> There is simply NO valid reason to write <<<"$secret" in a script, and
>> thus there is no need to "improve" anything other than the scripts
>> that are doing that.  Use a pipe instead.
> 
> Not all tools take their secret inputs on stdin.  indeed, some are
> explicitly designed to accept special values on other file descriptors.
> 
> How do you replicate 3<<<"$secret" with a pipeline?

This is the kind of thing process substitution is good for.

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet@case.edu    http://tiswww.cwru.edu/~chet/

signature.asc
Description: OpenPGP digital signature