thomas at kluyver.me.uk
Wed Dec 5 08:03:33 PST 2012
On 5 December 2012 15:21, David Faure <faure at kde.org> wrote:
> Not very convenient, to expect apps to implement themselves a fallback.
> In Qt, I implemented this:
> if XDG_RUNTIME_DIR isn't set, mkdir /tmp/runtime-$USER,
> then ensure that it's owned by the user (otherwise bail out),
> then chmod to 0700 (and if that fails, bail out).
> At least this makes your framework easier to use, because it returns
> that works out of the box, in normal circumstances, without requiring the
> or the distro to prepare the directory and set an env var...
Thanks David, that's useful perspective.
I think the reason /run/user is used is that the XDG base directories spec
requires stronger guarantees about file and directory lifetime than are
provided by /tmp:
*The lifetime of the directory MUST be bound to the user being logged in.
It MUST be created when the user first logs in and if the user fully logs
out the directory MUST be removed. If the user logs in more than once he
should get pointed to the same directory, and it is mandatory that the
directory continues to exist from his first login to his last logout on the
system, and not removed in between. Files in the directory MUST not survive
reboot or a full logout/login cycle.*
*If $XDG_RUNTIME_DIR is not set applications should fall back to a
replacement directory with similar capabilities and print a warning message.*
So the question is, how similar do the capabilities need to be for a
fallback directory? And what kind of warning is needed? I can fire a
warning using Python's warnings mechanism from within the library, but in a
typical GUI application that will be completely invisible.
Providing a built-in fallback certainly makes life easier for application
developers, but it could also lead them to overlook security issues,
because the fallback doesn't have the same guarantees as $XDG_RUNTIME_DIR
should. I don't think it's possible to offer the same guarantees without
the OS managing the directory, in which case it will set the environment
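The fallback steps described in the quoted message (create the directory, check ownership, force mode 0700, bail out otherwise), combined with the warning the spec asks for, as an added Python example that is not code from Qt or from either poster. The function name `runtime_dir`, the `tmp_root` parameter, and naming the directory by uid rather than `$USER` are assumptions, as is a sticky-bit temp directory such as /tmp.

```python
import os
import stat
import tempfile
import warnings


def runtime_dir(environ=None, tmp_root=None):
    """Return $XDG_RUNTIME_DIR, or a checked per-user fallback directory."""
    environ = os.environ if environ is None else environ
    configured = environ.get("XDG_RUNTIME_DIR")
    if configured:
        return configured

    uid = os.getuid()
    root = tmp_root or tempfile.gettempdir()
    # Hypothetical naming: the uid is used here instead of $USER.
    path = os.path.join(root, "runtime-%d" % uid)
    try:
        os.mkdir(path, 0o700)
    except FileExistsError:
        pass  # may be ours from an earlier run, or created by someone else

    # lstat() does not follow symlinks, so a link planted at this path by
    # another user is rejected instead of being followed.
    st = os.lstat(path)
    if not stat.S_ISDIR(st.st_mode):
        raise RuntimeError("%s is not a directory" % path)
    if st.st_uid != uid:
        raise RuntimeError("%s is not owned by uid %d" % (path, uid))
    if stat.S_IMODE(st.st_mode) != 0o700:
        os.chmod(path, 0o700)  # an OSError here propagates: bail out

    # The fallback lacks the lifetime guarantees of the real directory,
    # so the caller is told rather than left to assume them.
    warnings.warn(
        "XDG_RUNTIME_DIR is not set; using %s, which is not removed at "
        "logout or reboot" % path, RuntimeWarning, stacklevel=2)
    return path
```

The ownership check only holds after the fact if other users cannot rename or replace the directory, which is what the sticky bit on /tmp provides.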