Akonadi's unix sockets location

Lennart Poettering mzerqung at 0pointer.de
Mon Mar 22 14:40:50 UTC 2010


On Sun, 21.03.10 14:44, Jonathan Underwood (jonathan.underwood at gmail.com) wrote:

> > It's a shared namespace. As such it is a major source of
> > vulnerabilities, especially if the developers didn't have this
> > particular use in mind.
> 
> To what extent would the security issues associated with files in /tmp
> be mitigated with polyinstantiated /tmp directories? Should Fedora
> move to that as a default?

The major security issues would certainly go away that way, but I don't
think that such a behavioural change would be a good idea. /tmp has
always been a shared namespace, and some apps might actually depend on
that to exchange files between users. The FHS assumes a single namespace
for the entire fs hierarchy and departing from that might create various
unexpected problems. Starting from admins who don't expect a weirdness
like this, but also applications that break with behaviour like that.

To my knowledge the Debian folks experimented with this a couple of
years ago, and even wanted to make it the default (but didn't in the
end, afaics). Might be interesting to learn about the results of their
experimenting.

Instead of changing the semantics of /tmp which is already way too
established with all its brokenness and weird semantics, I'd rather like
to see a new dir added /var/run/users/$USER/ that does not suffer from all
the problems and introduces new, clean and well-defined semantics.

Lennart

-- 
Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/           GnuPG 0x1A015CC4

