author | Sean Whitton <spwhitton@spwhitton.name> | 2019-08-17 21:01:18 +0100 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2019-08-17 21:08:55 +0100 |
commit | b2cdd7141c9a12c8067935e7d177e65b53a79e07 (patch) | |
tree | 1b58febc88571fd0cdb5e6bc554aa5e96d57ede1 /lib | |
parent | 5199f7bf4434b337a538a880f60deaee12771b49 (diff) | |
download | dotfiles-b2cdd7141c9a12c8067935e7d177e65b53a79e07.tar.gz |
make system_pty_capture more robust
Diffstat (limited to 'lib')
-rw-r--r-- | lib/perl5/Local/Interactive.pm | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/lib/perl5/Local/Interactive.pm b/lib/perl5/Local/Interactive.pm index 5ad1ea11..0d75fbbe 100644 --- a/lib/perl5/Local/Interactive.pm +++ b/lib/perl5/Local/Interactive.pm @@ -19,10 +19,12 @@ use strict; use warnings; use Cwd; -use File::Temp qw(tempfile); +use File::Temp qw(tempfile tempdir); +use File::Path qw(remove_tree); use Exporter 'import'; use Term::ANSIColor; use Local::ScriptStatus; +use Sys::Hostname; # Quoting perldoc perlmodlib: "As a general rule, if the module is # trying to be object oriented then export nothing. If it's just a @@ -149,14 +151,21 @@ password. sub system_pty_capture { my ($cmd) = @_; - # TODO put our PID in this filename to avoid possibility of a race - my (undef, $filename) = tempfile("sysptycapXXXXXX", OPEN => 0); + # the point of creating a tempdir and then putting a file inside + # it is that then we can chmod that dir. File::Temp apparently + # uses secure permissions on files it creates in /tmp, but this + # but it is not documented, so let's not rely on it + my $dir = tempdir("sysptycap." . hostname() . ".$$.XXXX", + CLEANUP => 1, TMPDIR => 1); + chmod 0700, $dir; + my (undef, $filename) = tempfile("sysptycap.XXXX", + OPEN => 0, DIR => $dir); system qw(script --quiet --command), $cmd, $filename; open my $fh, '<', $filename; chomp(my @output = <$fh>); close $fh; - unlink $filename; + remove_tree($dir); $output[$#output] =~ /COMMAND_EXIT_CODE="([0-9]+)"/; my $exit = $1; |
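Review bot: The `chmod 0700, $dir` that the new comment relies on is not checked, so if it fails the capture file is still written under whatever mode tempdir() gave the directory; make it fatal with `chmod 0700, $dir or die "chmod $dir: $!";`. The `system` and `open` calls after it in system_pty_capture are unchecked as well, and the exit code is taken from `$1` without testing that the match succeeded, so a failed `script` run can leave `$exit` undefined or holding a capture from an earlier match; `open my $fh, '<', $filename or die "open $filename: $!";` plus a test on the match result would close that. The new comment also has a doubled "but this but it" that should read "but it is not documented". The function body continues past the end of the hunk.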