curl / Mailing Lists / curl-users / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Avoiding overwriting a symlinked target

From: Dirk Fieldhouse via curl-users <curl-users_at_lists.haxx.se>
Date: Mon, 3 Jan 2022 03:57:29 +0000

On 01/01/2022 20:50, Daniel Stenberg wrote:
> On Thu, 30 Dec 2021, Dirk Fieldhouse via curl-users wrote:
>
>> Would curl be open to accepting a --unlink (or similar) option that
>> would cause a to-be-clobbered file to be unlinked rather than
>> overwritten directly (obviously only for OS/FS combinations where that
>> makes sense)?
>
> Why should curl remove the file when you can just do it yourself before
> invoking curl?

Thanks, Daniel. In the case I'm describing, the aim is to specify a
single command-line that safely downloads the utility, without having to
say 'first unlink any existing file' or relying on the user's system
having an unlink command or the user having configured a POSIX shell. By
'safely', I mean being confident that the suggested command-line won't
break the user's system, even if we are telling the user to become admin
and download into the $PATH.

Previously, Bill Mercer noted that existing instructions would still be
unsafe, which is true, but the instructions are generally read online,
as the latest version, especially when the user is downloading the utility.

Actually, my suggestion was based on the fact that the wget utility
appeared to have such an option, even though subsequent testing seems to
show that *it doesn't work as documented* [#61755].

Compare cp --remove-destination (which does work as documented), the
default behaviour of install, the default behaviour of rsync, etc.

/df

--
London SW6
UK
-- 
Unsubscribe: https://lists.haxx.se/listinfo/curl-users
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2022-01-03