~sircmpwn/hare#659: driver: `hare build` can overwrite source files — sourcehut todo

~sircmpwn/hare#659:

driver: `hare build` can overwrite source files

Steps to reproduce:

Create a directory called "main.ha".
Create a Hare file "main.ha/main.ha".
In "main.ha/", run hare build.
"main.ha/main.ha" will be overwritten with a created executable.

Go avoids this by checking whether the to-be-overwritten file is an object[1], although this might not work well with +data (#21).

[1] https://github.com/golang/go/blob/ba7f3d98d41f01291dd831e618736b02a79ef27a/src/cmd/go/internal/work/exec.go#L1917

Status: REPORTED
Submitter: ~vyivel
Assigned to: No-one
Submitted: 2 years ago
Updated: 1 year, 10 months ago
Labels: bug driver

~sebsite added bug 2 years ago

~sebsite added driver 2 years ago

~autumnull 1 year, 10 months ago

imo best way to deal with this is to only overwrite existing files if they're regular files and are executable by the current user.

Register here or Log in to comment, or comment via email.