On Tue, Dec 18, 2012 at 11:29:20PM +0100, Michael Biebl wrote:
> On 18.12.2012 22:41, Roger Leigh wrote:
> > reopen 635131
> > thanks
> >
> >
> > On Sun, Dec 16, 2012 at 09:51:04PM +0000, Debian Bug Tracking System wrote:
> >> [ Michael Biebl ]
> >> * Use a separate tmpfs for /run/lock (size 5M) and /run/user (size
> >> 100M).
> >> Those directories are user-writable which could lead to DoS by
> >> filling up
> >> /run. Closes: #635131
> >
> > While this change addresses point (1) in my original report, I do
> > not believe point (2) has been addressed at all, and I still
> > assert that (3) is correct for Debian.
>
> Imho there is nothing to address for 2/ and 3/, especially since it is
> unclear what the problems are you are talking about.
>
> It's simply how XDG_RUNTIME_DIR is specified and as Steve has already
> explained, using a directory in /tmp does not provide what is required
> for XDG_RUNTIME_DIR.

Blindly adopting a "standard" just because upstream decreed things should be so is not a good idea. Particularly when it has had only a cursory amount of review, and has obvious limitations which we have previously discussed on IRC with several others. By cursory, I mean that it meets the /current/ needs of GNOME, but there are other non-GNOME and non-desktop use cases which it does not satisfy, and I hate to cripple the flexibility of the base operating system "simply because" when we could do a much better job for little extra effort.

(2) Is about the lifetime of the content of /run/user not being tied to a single session, so that you are limited to only running a single session at once. If you start a second session, you run into issues with reference counting which session which bit was started it, and when to shut each separate bit down. It's no longer tied to the PAM session which started it. And sessions may stomp over each others' state. What's keeping track of all that?

This is IMO more important than the discussion of /run vs. /tmp. What is managing all this state, and how? IMHO this should be tied to PAM session management such that pam_open_session creates the dir, and pam_close_session cleans all this up. But the current /interpretation/ of the specification does not allow for this due to not having a per-session directory. In fact, the XDG basedir spec makes no mention of it and does not specify that it need persist beyond a single session.

Having all this specified clearly and unambiguously before we provide the facility in Debian is essential.

Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   schroot and sbuild  http://alioth.debian.org/projects/buildd-tools
   `-    GPG Public Key      F33D 281D 470A B443  6756 147C 07B3 C8BC 4083 E800
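
The per-session lifetime argued for in the message above, modelled as an added example that is not part of the original thread and is not PAM or initscripts code. The layout `<base>/<uid>/<session_id>`, the function names and the session ids are assumptions made for illustration; the model runs in a temporary directory rather than under /run/user.

```python
import os
import shutil
import tempfile

def _session_dir(base, uid, session_id):
    # Constructed layout (an assumption): <base>/<uid>/<session_id>
    if not session_id.isalnum():
        raise ValueError("session id must be alphanumeric")  # no path tricks
    return os.path.join(base, str(uid), session_id)

def open_session(base, uid, session_id):
    """Model of the session-open hook: create a private per-session dir."""
    path = _session_dir(base, uid, session_id)
    os.makedirs(os.path.dirname(path), mode=0o700, exist_ok=True)
    os.mkdir(path, 0o700)      # raises FileExistsError on a reused id
    os.chmod(path, 0o700)      # make the mode independent of the umask
    return path

def close_session(base, uid, session_id):
    """Model of the session-close hook: remove only this session's state."""
    path = _session_dir(base, uid, session_id)
    shutil.rmtree(path)
    try:
        os.rmdir(os.path.dirname(path))   # succeeds only for the last session
    except OSError:
        pass                              # other sessions are still open

def demo():
    base = tempfile.mkdtemp(prefix="runuser-model-")
    try:
        a = open_session(base, 1000, "s1")   # constructed uid and ids
        b = open_session(base, 1000, "s2")
        with open(os.path.join(b, "socket"), "w") as fh:
            fh.write("state owned by s2\n")
        close_session(base, 1000, "s1")      # first session ends
        s2_intact = os.path.exists(os.path.join(b, "socket"))
        mode = os.stat(b).st_mode & 0o777
        close_session(base, 1000, "s2")      # last session ends
        user_dir_gone = not os.path.exists(os.path.join(base, "1000"))
        return s2_intact, mode, user_dir_gone, os.path.exists(a)
    finally:
        shutil.rmtree(base, ignore_errors=True)

if __name__ == "__main__":
    print(demo())
```

Because each session owns its own directory, closing one session needs no reference count to avoid removing another session's state; the per-user parent disappears only when the last session closes.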