Moving the agent's socket to /var/run ?

Werner Koch wk at gnupg.org
Wed Feb 24 09:20:12 CET 2016


On Wed, 24 Feb 2016 07:39, uldis.ansmits at tieto.com said:

> I believe socket redirection is a good feature.

Sure, I do not plan to remove it.

> Maybe an automatic socket redirect to $TMPDIR for a long home is an acceptable solution.

Too complicated because it is not clear where to set the threshold and
by using tmpdir or any other directory you run into similar problems as
with /var/run.

> There is no /var/run/user on AIX or Solaris

All the better, then there won't be any conflict.

> Would be nice if GNUPG software can be run by a user right away without
> setup requiring admin access.

Of course there would be a configure option to keep the current
behaviour.  The creation of the /var/run/user/<uid> directory would be
done by a small program run by root using userv [1].


Shalom-Salam,

   Werner


[1] In case you don't know userv:
 `user services' - program call across trust boundaries
 userv allows one program to invoke another when only limited trust
 exists between them.  It is a tool which can be used to avoid having
 to give other system services root privilege, and which allows users
 to more securely have programs provide services to others.

 userv can be useful as `glue' for system administrators; there are
 not many full-blown userv-using applications yet.

-- 
Thoughts are free.  Exceptions are regulated by a federal law.



