Bug in XDG Base Directory Specification

Thu Nov 27 12:03:59 PST 2014

Hello List and XDG maintainers,

I implemented the "XDG Base Directory Specification" as stated in:
http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
for Elektra 0.8.10 (yet unreleased), for information about Elektra see:
http://www.libelektra.org

There seems to be a bug in the standard. The specification states:
"If, when attempting to write a file, the destination directory is non-existant 
an attempt should be made to create it with permission 0700."

When someone creates system-configuration for a non-existant directory 
(e.g. "/etc/xdg", a subdirectory of it or any other path as given in 
XDG_CONFIG_DIRS) it should be created with 0700 according this specification.
This means that users cannot access it afterwards.

As an example, the user has XDG_CONFIG_DIRS set with "/etc/mydir". When 
executing (lets assumed XDG_CONFIG_DIRS environment is preserved):

    sudo kdb set system/key value

(kdb is the command-line tool for Elektra to get/set key/value pairs)

The implementation need to create the parent directories:

     /etc/mydir
     /etc/mydir/application/

with 0700 according to the specification. When a user then executes:

    kdb get system/key

he/she won't be able to read the file below /etc/mydir/application/.

In conclusion: for directories below home, the 0700 as specified makes perfect 
sense, but not for /etc.

Additionally, a problem is, that is not clearly stated that XDG_CONFIG_DIRS 
have anything to do with configuration below /etc/, it could also point to the 
home directory of the user, where a 0700 might be appropriate.

I think the behavior that fits best with the rest of the "XDG Base Directory 
Specification" is that XDG_CONFIG_DIRS is intended to be system-paths 
(including its default /etc/xdg) and those should be created with 0755 for 
directories and 0644 for files.

What do you think?

best regards,
Markus

P.S. the correct spelling is existent and not existant

-- 
Markus Raab            http://www.libelektra.org
Technische Universität Wien       elektra at markus-raab.org
Institut für Computersprachen           Phone: (+431) 58801/185185
Argentinierstr. 8, 1040 Wien, Austria     FAX: (+431) 58801/18598

DVR 0005886
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freedesktop.org/archives/xdg/attachments/20141127/603d2488/attachment.sig>