libxfce4util broken(was: Xffm creates bad files)

Benedikt Meurer benedikt.meurer at unix-ag.uni-siegen.de
Thu Apr 1 22:21:51 CEST 2004 

edscott wilson garcia wrote:
> El jue, 01-04-2004 a las 01:47, Benedikt Meurer escribió:
> 
>>>
>>>To exit is a bit too drastic for me. Not being able to determine the
>>>home directory should not be dangerous. As you suggested some days ago,
>>>you cannot take away the wheels of a car so that drivers will not crash.
>>>The application should know what to do if it gets NULL for a home
>>>directory, otherwise, IMHO, it's a crappy application.
>>
>>If an application is unable to determine my homedir and uses /tmp instead, I 
>>would consider this dangerous. Esp. if the application does not notify my of 
>>that fact. Imagine, you have an application that saves sensitive data, you 
>>feel quite safe because your home dir is 0700 and you trust your admin. Now a 
>>problem occurs with the YP server, just after you launched your application, 
>>and the app will use /tmp to store your sensitive data. In terms of security 
>>its way better to exit the application, than doing probably insecure things.
> 
> Storing sensitive data like that would be an error of the application,
> not the library function. Some people say, "guns do not kill people,
> people kill people".
> 
> If an application aborts just because a path relative to the homedir
> cannot be resolved, then the application is plain crappy too. In order
> for the application to know what to do, the library function for homedir
> should return NULL if it fails. That's exactly what the glib function
> does. From this point on the application can decide whether sensitive
> data is involved or not, and proceed accordingly. Withou a homedir, for
> reading configuration files, it should point in the direction of
> /usr/local/share/etc, for establishing a work dir point to /tmp and so
> forth. Without user confirmation, sensitive data should not be stored
> regardless homedir is established or not.

I really klemmer this. If you really want a NULL pointer, use g_get_homedir() 
instead.

If an application is unable to determine the users home directory, there is 
usually something broken with the system. And I don't see any need to continue 
from there in a desktop application (remember, we are talking about desktop apps).

Benedikt

-- 
NetBSD Operating system:                       http://www.NetBSD.org/
pkgsrc "Work in progress":                  http://pkgsrc-wip.sf.net/
XFce desktop environment:                        http://www.xfce.org/
German Unix-AG Association:                   http://www.unix-ag.org/
os-network:                                 http://www.os-network.de/

OpenPGP Key: http://www.home.unix-ag.org/bmeurer/#gpg

More information about the Xfce4-dev mailing list