[PATCH 1/2] Hardening installation of GNU tar
Steffen Moeller
moeller at debian.org
Thu Mar 19 16:27:22 UTC 2009
* an already existing / leftover data.tar.gz file is removed
* the ( ) subshell is removed so that an error does not go unnoticed
---
install.sh | 19 ++++++++++++++-----
1 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/install.sh b/install.sh
index 3129466..896accc 100755
--- a/install.sh
+++ b/install.sh
@@ -464,7 +464,7 @@ action_testing () {
fi
echo " * microSD card device: $SD_DEVICE present"
- for intern_binary in wget ping fdisk mount umount mkfs.$SD_PART1_FS mkfs.$SD_PART2_FS mkswap gunzip dd sed rdate ar; do
+ for intern_binary in wget ping fdisk mount umount mkfs.$SD_PART1_FS mkfs.$SD_PART2_FS mkswap gunzip dd sed rdate ar pwd; do
if ! which $intern_binary > /dev/null; then
echo "E: Could not find $intern_binary binary"
exit 1
@@ -478,11 +478,20 @@ action_testing () {
echo "W: tar does not support gzip archives"
echo "Downloading tar package"
wget $TAR_PACKAGE -O /tmp/tar.deb
- ( cd /tmp && ar -x tar.deb data.tar.gz )
+ cwd=`pwd`
+ cd /tmp
+ if [ -f data.tar.gz ]; then
+ if [ -n "$VERBOSE" ]; then
+ echo "I: removing previous /tmp/data.tar.gz"
+ fi
+ rm -f data.tar.gz
+ fi
+ ar -x tar.deb data.tar.gz
mkdir -p /usr/local
- gunzip -c /tmp/data.tar.gz | tar -x -C /usr/local/
- rm -f /tmp/data.tar.gz
- rm -f /tmp/tar.deb
+ gunzip -c data.tar.gz | tar -x -C /usr/local/
+ rm -f data.tar.gz
+ rm -f tar.deb
+ cd "$cwd"
fi
if [ "$SD_PART1_FS" = "vfat" ]; then
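Review bot: The added lines still download and unpack under fixed names in world-writable /tmp (`/tmp/tar.deb`, `data.tar.gz`), and the new `[ -f data.tar.gz ]` / `rm -f` pair does not make that safe: another local user can pre-create either name before `wget -O` or `ar -x` writes to it, and the content is then unpacked into /usr/local, presumably as root. None of the added commands is checked (`cd /tmp`, `ar -x`, the `gunzip | tar` pipeline), so dropping the `( )` only surfaces a failure if the script runs under `set -e`, which is not visible here; if `cd /tmp` fails, the `rm -f` lines run in the caller's directory. I would work in a private `mktemp -d` directory, test each step explicitly, and verify the package against a pinned checksum before extraction. That also makes `cwd` and the `pwd` entry added to the binary list in the first hunk unnecessary, though `mktemp` would need adding there instead. The enclosing `action_testing` function starts and ends outside the hunk.

```shell
# … unchanged: "tar does not support gzip archives" / "Downloading tar package" messages …
tar_tmp=$(mktemp -d /tmp/tar-install.XXXXXX) || exit 1
wget "$TAR_PACKAGE" -O "$tar_tmp/tar.deb" || { rm -rf "$tar_tmp"; exit 1; }
# TODO: compare "$tar_tmp/tar.deb" against a pinned checksum
#       (placeholder: <EXPECTED_SHA256>) and abort on mismatch before unpacking
( cd "$tar_tmp" && ar -x tar.deb data.tar.gz ) || { rm -rf "$tar_tmp"; exit 1; }
mkdir -p /usr/local
gunzip -c "$tar_tmp/data.tar.gz" | tar -x -C /usr/local/ || { rm -rf "$tar_tmp"; exit 1; }
rm -rf "$tar_tmp"
```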
--
1.6.2.1
--------------070904030008000308040809
Content-Type: text/x-diff;
name="0002-tar-TAR_APPLICATION.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="0002-tar-TAR_APPLICATION.patch"