Moving the agent's socket to /var/run ?

Werner Koch wk at
Wed Feb 24 09:20:12 CET 2016

On Wed, 24 Feb 2016 07:39, uldis.ansmits at said:

> I believe, socket redirection is good feature.

Sure, I  do not plan to remove it.

> Maybe automatic socket redirect to $TMPDIR for long home is acceptable solution.

Too complicated because it is not clear where to set the threshold and
by using tmpdir or any other directory you run into similar problems as
with /var/run.

> There is no /var/run/user on AIX or Solaris

All the better, then tehre won't be any conflict.

> Would be nice if GNUPG software can run by user right away without
> setup requiring admin access.

Of course there would be a configure option to keep the current
behaviour.  The creation of the /var/run/user/<uid> directory would be
done by a small program run by root using userv [1].



[1] In case you don't know userv:
 `user services' - program call across trust boundaries
 userv allows one program to invoke another when only limited trust
 exists between them.  It is a tool which can be used to avoid having
 to give other system services root privilege, and which allows users
 to more securely have programs provide services to others.
 userv can be useful as `glue' for system administrators; there are
 not many full-blown userv-using applications yet.

Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list