gpg-agent (2.0.7) hardcodes usage of /tmp directory

Diego 'Flameeyes' Pettenò flameeyes at gmail.com
Tue Mar 11 11:51:03 CET 2008


Werner Koch <wk at gnupg.org> writes:

> Lacking a standard, common Unix wisdom.  And the fact that sockets of
> user servers are always created there.  /tmp should be local for
> performance reasons; if you want to nfs mount it, you better make sure
> that clients get their own space so that you don't run into PID
> conflicts.

FWIW KDE creates its socket respecting $TMPDIR, as does XEmacs. I
sincerely suspect it's more likely that $TMPDIR is local and fast than
/tmp itself, if set.

Plus there is a well-designed usage pattern with pam_mktemp to mitigate
temporary file vulnerabilities.

All in all, I still fail to see why hardcoding /tmp is better than
respecting TMPDIR.

-- 
Diego "Flameeyes" Pettenò
http://blog.flameeyes.eu/