On Tuesday 24 November 2015 19:58:22 René J. V. Bertin wrote:
> I'd have chosen $TMPDIR (aka QDir::tempPath()) myself. Contrary to
> ~/Library/Cache that one is cleared on each reboot, which seems advantageous
> at least for the kind of things RuntimeLocation is used for in
> FOSS/Freedesktop applications.

It mustn't be $TMPDIR. It needs to be a directory owned by the user so no other users can create files or sockets or FIFOs in there (no chance for malicious collision).

It could be a subdir of $TMPDIR, but then we run into a race condition problem of creating a secure subdir with a well-established name among applications. That's why the XDG spec says that XDG_RUNTIME_DIR *must* have been created when the user logs in and must be removed when the user fully logs out.

The fallback option that QStandardDirs offers when XDG_RUNTIME_DIR isn't set has those problems: it has race conditions and, because of that, it isn't secure.

-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel Open Source Technology Center
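
The checks a fallback would have to make before trusting a well-known subdirectory of $TMPDIR, as an added example that is not part of the original message and not Qt's code. The function name `open_private_runtime_dir` and the path passed to it are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns an open directory fd on success, -1 if the path cannot be trusted.
 * 'path' is an assumed fallback location such as "$TMPDIR/runtime-<user>". */
int open_private_runtime_dir(const char *path)
{
    /* mkdir() is atomic: it creates the directory or fails with EEXIST.
     * EEXIST means someone got there first, possibly another user. */
    if (mkdir(path, 0700) != 0 && errno != EEXIST)
        return -1;

    /* O_NOFOLLOW rejects a symlink planted at the well-known name;
     * O_DIRECTORY rejects a regular file, FIFO or socket. */
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;

    /* fstat() the fd we hold, not the path, so the object checked is the
     * object used even if the name is swapped afterwards. */
    struct stat st;
    if (fstat(fd, &st) != 0 ||
        st.st_uid != geteuid() ||         /* must be owned by this user */
        (st.st_mode & 0777) != 0700) {    /* no group or other access */
        close(fd);
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    int fd = argc > 1 ? open_private_runtime_dir(argv[1]) : -1;
    puts(fd >= 0 ? "usable" : "rejected");
    return fd >= 0 ? 0 : 1;
}
```

A rejection means the name was already taken or tampered with: the caller can refuse the directory but cannot reclaim the name, which is the situation a directory created at login avoids.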
