From abe03dd690b28027cea97532201ec991448537e1 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon, 5 Jul 2004 07:07:05 +0000
Subject: [PATCH] (Install): Warn that you should create /tmp/staging before
 installing into it, to avoid security problems.

---
 doc/automake.texi | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/doc/automake.texi b/doc/automake.texi
index b4a007b63..0245b13b2 100644
--- a/doc/automake.texi
+++ b/doc/automake.texi
@@ -5258,10 +5258,13 @@ path is prefixed with the value of @samp{DESTDIR} before being copied
 into the install area.  Here is an example of typical DESTDIR usage:
 
 @example
+mkdir /tmp/staging &&
 make DESTDIR=/tmp/staging install
 @end example
 
-This places install objects in a directory tree built under
+The @command{mkdir} command avoids a security problem if the attacker
+creates a symbolic link from @file{/tmp/staging} to a victim area;
+then @command{make} places install objects in a directory tree built under
 @file{/tmp/staging}.  If @file{/gnu/bin/foo} and
 @file{/gnu/share/aclocal/foo.m4} are to be installed, the above command
 would install @file{/tmp/staging/gnu/bin/foo} and
-- 
2.47.2