> I'm going to have to trust your Windows expertise here; the tempdir > code looks convoluted to me, but perhaps that's the only way to do it. > (Microsoft's docs for "SECURITY_ATTRIBUTES" suggest to me that if > lpSecurityDescriptor is NULL, then the directory gets a default > security descriptor, and that this may mean it's only readable by the > user represented by the access token of the process [1], which might > suggest a simplification - but I'm very hazy on how the security model > in Windows works)
I tested this and it gives write access to the "Authenticated Users" group. The way I did it gives access only to the user that owns the libgccjit process. I have to admit that it is a lot of code and it is hard to understand unless you know the security model of Windows well. I don't know it well, I wrote this keeping the documentation close and experimenting. > I was able to successfully bootstrap and regression test with your > patch on x86_64-pc-linux-gnu. I also verified that the result of "make > install" was not affected for my configuration. Great. > I've pushed your patch to master as > c83027f32d9cca84959c7d6a1e519a0129731501. > > Thanks again for the patch > Dave Thanks to you for all the good feedback. Nico.
