libxfce4util broken(was: Xffm creates bad files)

edscott wilson garcia edscott at imp.mx
Thu Apr 1 14:38:53 CEST 2004


El jue, 01-04-2004 a las 01:47, Benedikt Meurer escribió:
> > 
> > 
> > To exit is a bit too drastic for me. Not being able to determine the
> > home directory should not be dangerous. As you suggested some days ago,
> > you cannot take away the wheels of a car so that drivers will not crash.
> > The application should know what to do if it gets NULL for a home
> > directory, otherwise, IMHO, it's a crappy application.
> 
> If an application is unable to determine my homedir and uses /tmp instead, I 
> would consider this dangerous. Esp. if the application does not notify my of 
> that fact. Imagine, you have an application that saves sensitive data, you 
> feel quite safe because your home dir is 0700 and you trust your admin. Now a 
> problem occurs with the YP server, just after you launched your application, 
> and the app will use /tmp to store your sensitive data. In terms of security 
> its way better to exit the application, than doing probably insecure things.

Storing sensitive data like that would be an error of the application,
not the library function. Some people say, "guns do not kill people,
people kill people".

If an application aborts just because a path relative to the homedir
cannot be resolved, then the application is plain crappy too. In order
for the application to know what to do, the library function for homedir
should return NULL if it fails. That's exactly what the glib function
does. From this point on the application can decide whether sensitive
data is involved or not, and proceed accordingly. Withou a homedir, for
reading configuration files, it should point in the direction of
/usr/local/share/etc, for establishing a work dir point to /tmp and so
forth. Without user confirmation, sensitive data should not be stored
regardless homedir is established or not.






More information about the Xfce4-dev mailing list