[Pkg-xfce-devel] Bug#772398: Bug#772398: xfce4-settings: bashism in /bin/sh script
control: tag -1 -security
control: severity -1 wishlist
On sam., 2014-12-06 at 14:57 +0100, Raphael Geissert wrote:
> Package: xfce4-settings
> Severity: normal
> Version: 4.10.1-2
> User: debian-release at lists.debian.org
> Usertags: goal-dash
> Tags: security
>
> Hi,
>
> I've ran checkbashisms (from the 'devscripts' package) over the whole
> archive and I found that your package has a /bin/sh script that uses a
> "bashism".
>
> checkbashisms' output:
> > possible bashism in
> > ./usr/lib/i386-linux-gnu/xfce4/settings/appearance-install-theme line 105
> > ($RANDOM):
> > tmpdir="/tmp/tmp.$$.$RANDOM"
>
>
> Not using bash (or a Debian Policy compliant shell interpreter that doesn't
> provide such an extra feature) as /bin/sh is likely to lead to errors or
> unexpected behaviours. Please be aware that dash is the default /bin/sh.
>
> Please closely examine the above output and the script, and determine
> what the proper severity of the bug is, and adjust it accordingly. If
> it's important or greater please hurry to get this fixed for jessie.
>
Hi,
$RANDOM above is only used if mktemp doesn't exist, which is very
unlikely on a Debian system, so adjusting the severity/tags.
Regards,
--
Yves-Alexis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-xfce-devel/attachments/20141207/e99817f5/attachment.sig>
Reply to: