On Sun, 16 Nov 2014, Mario Castelán Castro wrote:
> Is it possible to use fish without "fishd" even if it loses some
> functionality?. Specifically, is it possible to configure "fish" so as
> to not to start "fishd" and not to print an error message about lacking
> "fishd"?.
On IRC, you mentioned that you weren't keen on running fishd because of
the file it creates in /tmp being a potential security issue.
On versions predating 2.1.1, you are absolutely correct, and 2.1.1 was
released to try and mitigate this. 2.1.1, and indeed even the versions
without a fishd process in development, still require a file in /tmp which
has a well-known path, and thus a potential denial-of-service issue
exists. On systems which set up a proper XDG_RUNTIME_PATH, this is not a
problem, but most do not.
The reason for avoiding a path in $HOME to use as a socket or FIFO path is
that you simply can't guarantee it will work. Samba-mounted home
directories, for example, don't work with FIFOs in my testing.
There was some discussion around a similar problem of denial-of-service by
creating a named /tmp subdirectory for tmux - see the discussion at
http://seclists.org/oss-sec/2014/q1/60 but it boils down to a) not
preventing the functioning of the software and b) being user-visible and
easy to work around.
Summary: All currently-released and active development versions of fish
require a socket or FIFO path in /tmp.
Hope that helps.
David Adam
zanc...@ucc.gu.uwa.edu.au
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Fish-users mailing list
Fish-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fish-users