CVSROOT:        /cvs
Module name:    src
Changes by:     [email protected]    2025/11/24 05:37:15

Modified files:
        include        : login_cap.h 
        lib/libc/gen   : login_cap.3 

Log message:
Stop doing XDG setup in setusercontext(LOGIN_SETALL)

As suggested by kettenis@ and deraadt, including LOGIN_SETXDGENV in
LOGIN_SETALL, the latter being used in a bunch of places, appears to be
a mistake. The mkdir(2) and fchown(2) / fchmod(2) calls made by
setusercontext(LOGIN_SETXDGENV) result in pledge(2) violations in at
least calendar(1) and inetd(8), as reported by jmc@ and lucas@
respectively. Also it brings little to no advantage since most of the
login managers analyzed so far require an explicit change to export the
XDG_RUNTIME_DIR variable.

So move LOGIN_SETXDGENV out of LOGIN_SETALL. If you started relying on
this in one of your ports, please adapt the code to explicitly pass
LOGIN_SETXDGENV. xenodm(1) will be fixed shortly, patches for login(1)
and sshd(8) are waiting for reviews.

ok deraadt@ robert@
