Nightly WebKit builds
The WebKit team announced a new site today where you can download nightly builds of the latest WebKit – very cool. I went ahead and wrote the following simple shell script to automate the process of downloading and installing the latest build:
#!/bin/sh curl -o /tmp/webkit.dmg http://nightly.webkit.org/builds/Latest-WebKit-CVS.dmg hdiutil mount /tmp/webkit.dmg if [ -d /Volumes/WebKit/WebKit.app ]; then rm -rf /Applications/WebKit.app cp -pR /Volumes/WebKit/WebKit.app /Applications/ fi hdiutil detach /Volumes/WebKit
Sure, it could be a little more robust (or you might prefer one of the other two builds), but it works. Put this in a
chmod +x it, and drop it into /etc/daily to have it run each morning.
(updated 2005-12-21 to reflect new webkit packaging and fix minor bugs)
Comments and responses
This script is insecure because it not only runs with root privilegesWell, the script itself can be run as any user. It would only run as root if you use /etc/daily to have it run automtically (which I suggested only because it's the easiest). There are of course numerous other ways you could run the script as a non root user, such as from a user's cron job or a launchd script (which would probably be the best way really).
Someone could put a nasty link at â€œ/tmp/webkit.dmgâ€? which could result in you unwittingly overwriting or modifying an important file elsewhere on the filesystem.Actually, it would only replace the link itself. I just experimented with both a soft link and hard link, and in both cases the link was replaced while the original file elsewhere on the file system was untouched. I'd be interested in hearing instructions for replicating the kind of behavior you described (though I'm pretty sure it's not possible).
Is it insecure? arguably, but I don’t think so. Is it the best way to go about it? Perhaps not. There’s a comment on the original article about a product called NightShift that seems to do basically the same thing (though I’ve not looked at it, and can’t really speak as to how good it is).