A trash implementation MUST check if owner/group of the $topdir/.Trash is root?
dfaure at trolltech.com
Wed Jan 7 16:03:33 PST 2009
On Thursday 08 January 2009, Andrea Francia wrote:
> The Trash Specs says that the $topdir/.Trash directory is created by the
> administrator but it doesn't say if the implementations MUST o SHOULD check
In kio_trash I don't check the ownership of $topdir/.Trash, I don't think it matters much.
As long as it has the sticky bit, is a dir, not a symlink, and is writable by the user,
it seems ok to me. The privacy comes from the fact that the $uid subdir must
be owned by the user, and must be 0700.
But I agree with you, the "security checks" could be written out more clearly
in the spec so that all implementations check exactly the same things.
David Faure, faure at kde.org, sponsored by Qt Software @ Nokia to work on KDE,
Konqueror (http://www.konqueror.org), and KOffice (http://www.koffice.org).
More information about the xdg