Bug#1068825: apt: possible super minor security issue in apt-get source
On Thu, 2024-04-11 at 22:12 +0200, Julian Andres Klode wrote:
> > => First, I'm not sure whether this is the right behaviour, as
> > the
> > "original/modified" file seems to get removed, but it - being
> > a
> > local file - may actually be something of value to the user.
> > So maybe it should just move the file to foo.FAILED and error
> > with non-zero exit status?
and about that?
> I think I'm fine just exiting 1 if the directory already exists,
> after doing the download dance.
At least I'd suggest to also give a human readable error message or
warning.
Just a non-zero exit status will be fine for scripts, but will look
like an erroneous non-zero for humans.
Cheers,
Chris.
Reply to: