On Sun, Nov 01, 2009 at 10:42:18PM +0100, Stéphane Glondu wrote:
> Loïc Minier a écrit :
> > * Don't overwrite DEB_DH_GENCONTROL_ARGS and use -u instead of -- to pass
> > args to dpkg-gencontrol in a safer manner.
>
> Can you tell how it is safer to use -u instead of --? I agree with the
> s/=/+=/, though.
Generally speaking, using -- is dangerous in the sense that it can be
used only once as it denotes the end of dh_gencontrol arguments. So, if
an included Makefile snippet does that and if the Makefile author (not
knowing about that) adds _again_ a --, that gets delivered to
dpkg-gencontrol (which can either fail, or interpret is as the end of
getopt arguments, I haven't checked which is the case). In that sense, I
believe -u is safer too.
BTW, thanks for getting back to this bug log, I had a look at it a
couple of weeks ago, but ran out of time.
Cheers.
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
zack@{upsilon.cc,pps.jussieu.fr,debian.org} -<>- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...........| ..: |.... Je dis tu à tous ceux que j'aime
Attachment:
signature.asc
Description: Digital signature