gpg-agent (2.0.7) hardcodes usage of /tmp directory
Diego 'Flameeyes' Pettenò
flameeyes at gmail.com
Tue Mar 11 11:51:03 CET 2008
Werner Koch <wk at gnupg.org> writes:
> LAcking a standard, common Unix wisdom. And the fact that sockets of
> user servers are always created there. /tmp should be local for
> performance reesons; if you want to nfs mount it, you better make sure
> that clients get their own space so that you don't run into PID
> conflicts.
FWIW KDE creates its socket respecting $TMPDIR, as does XEmacs. I
sincerely suspect it's more likely that $TMPDIR is local and fast than
/tmp itself, if set.
Plus there is a well-designed usage pattern with pam_mktemp to mitigate
temporary file vulnerabilities.
All in all, I still fail to see why hardcoding /tmp is better than
respecting TMPDIR.
--
Diego "Flameeyes" Pettenò
http://blog.flameeyes.eu/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
URL: </pipermail/attachments/20080311/b0c7229b/attachment-0001.pgp>
More information about the Gnupg-devel
mailing list