Sheldon Gill wrote: > > Some more comments on NSPathUtilities.m. I think I'd be ready to commit > > this after addressing these comments.
It's late, and I haven't had time to look at the patches in detail yet, but I'm still not really happy about the general idea. A configuration file in /etc does make sense, though, if you're running on a "normal" un*x system, so for those cases, I guess it's ok. (Would be nice if the configuration system was easily pluggable, so that "unnormal" unix-like systems could have GNUstep configure itself in some convenient way (eg. LinuxSTEP or GNUstep on Darwin), but that can come later.) [snip] > > > /** > > > * Returns the name of a directory in which temporary files can be > > > stored.<br/ > > > > * For unix-like systems this is usually '/tmp'.<br/ > > > > * For MS-Windows systems this is the system temporary directory, > > > often '%WINDIR%\TEMP\'.<br/ > > > > */ > > > NSString > > > *NSTemporaryDirectory(void) > > > > Why did you take out the creation of a secure subdirectory of temp? > > This is a bigger question. NSTemporaryDirectory has been implemented and _documented_ as returning a secure, this-user-only directory for a long time. Both code in GNUstep and outside GNUstep depends on this. Changing this would break things and introduce subtle security holes and information leaks. IMHO, it'd take _extreme_ reasons to change documented behavior with such consequences. For this reason, if no other, I think the behavior should remain as it is. > Firstly, the existing code isn't really secure. You can circumvent it. Then that should be fixed. How is it broken? At a quick glance, it seems ok (on posix systems) aside from not returning nil if the directory creation fails (at least it logs in that case). I'll fix that tomorrow. > I > looked at changing that but things start getting quite complex. GNUstep needs a secure temporary directory in a couple of places, so we have to solve it anyway. - Alexander Malmberg _______________________________________________ Bug-gnustep mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/bug-gnustep
