From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id 4E64GIV8pGPYdAEAbAwnHQ (envelope-from ) for ; Thu, 22 Dec 2022 16:49:25 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id aNHkGIV8pGM93QAA9RJhRA (envelope-from ) for ; Thu, 22 Dec 2022 16:49:25 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 9D2B432F7B for ; Thu, 22 Dec 2022 16:49:24 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1p8NoD-0005DN-2N; Thu, 22 Dec 2022 10:48:37 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1p8NoB-0005Cl-2h for emacs-orgmode@gnu.org; Thu, 22 Dec 2022 10:48:35 -0500 Received: from mail-pl1-x62c.google.com ([2607:f8b0:4864:20::62c]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1p8No9-00041S-E0 for emacs-orgmode@gnu.org; Thu, 22 Dec 2022 10:48:34 -0500 Received: by mail-pl1-x62c.google.com with SMTP id m4so2387512pls.4 for ; Thu, 22 Dec 2022 07:48:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:message-id:in-reply-to:date:subject:to:from:user-agent :references:from:to:cc:subject:date:message-id:reply-to; bh=ZVoEOUlVrzIltlJHqmvbZQ1mK8QhNC3K9l+nrB83keo=; b=JYzMxd5QI4fe6zkLwkl28AnJQFx4ypm+J+3ROrTgOGlWg/p7QMS/2rcM7T/aUZm3ME gYFZKWNCDSTx+i6O/+TzocMT2Lu5TenAkwLX74z/JRyhp5JCfejcvPmT/LhIP2G5Oqjy MSff1GFx3nllGjRy8syWM1gFRwpYHuVpTKnlWdeSxazkQ5Qp2hLbbebkl9IevrfDh0cI qh2UQaVSOty7lMmpwCEJvTPmIkq7WPOepfUKeeyUKKhNMhFVA9Z9QW2zTUgujbHoudO/ ECvnjk1ozup2Em4rpgSG5ZzPhVROWABvX+qDBD4kSOmd/+R42RyQg+I/QRZmv27/OqLQ YeRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=mime-version:message-id:in-reply-to:date:subject:to:from:user-agent :references:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ZVoEOUlVrzIltlJHqmvbZQ1mK8QhNC3K9l+nrB83keo=; b=hjKftOgc3EY6TxhSmZ2HoFMFvXOVQbyFmaIJ/Kh0T1e/5bpTGMeG5BueSbC8YCujk5 nLaY2kLQVeusoIIXxG+lUUsH2ilQJkcyy6R2h0OS2m43vJnBkdQMGsOcloD6n7j1rbsz 5FWJ0Oey+9nOU1I16f16+ixUC+cGxFYVBiJ9Ffbhl+esjAzgPbNr9UkLKjp0fGJBY9BF epIn5e8NV3xwUG3Gh3Mm8yFkywTZ8OdJVKJsJZBfaJnEOOyWId4FeZPOulEdMfPz00nv qTJY/mY0oX33Rgjh4s7ka9wYMonDLkKzRqGZqUYhGY084DqPwECyu/lwcWUJ/Ku2MYWd ei7g== X-Gm-Message-State: AFqh2kqqwCrkiU12foS8vBDI6d6t5Bsp1Que1W06UryfwUE5fPdX4ipy b8p7TdgCyDhYnQfmWkaqSZvzlkagKk8= X-Google-Smtp-Source: AMrXdXs7HO4xgpasM8jKp/j38Wyr6bK651BddrleraVfoA8mWNH6mZj9qpXn+pYHn6H6TzPcNpJ8FA== X-Received: by 2002:a05:6a20:13a6:b0:af:9c75:6699 with SMTP id w38-20020a056a2013a600b000af9c756699mr10290032pzh.1.1671724111576; Thu, 22 Dec 2022 07:48:31 -0800 (PST) Received: from dingbat (203-173-24-107.dyn.iinet.net.au. [203.173.24.107]) by smtp.gmail.com with ESMTPSA id v12-20020a63464c000000b0044046aec036sm878390pgk.81.2022.12.22.07.48.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Dec 2022 07:48:31 -0800 (PST) References: <87len0uc7y.fsf@ucl.ac.uk> <87tu1ovlsn.fsf@localhost> <287345.1671683459@archlinux> User-agent: mu4e 1.9.7; emacs 29.0.60 From: Tim Cross To: emacs-orgmode@gnu.org Subject: Re: org-persist files in /tmp Date: Fri, 23 Dec 2022 02:45:19 +1100 In-reply-to: Message-ID: <86pmcbigmt.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain Received-SPF: pass client-ip=2607:f8b0:4864:20::62c; envelope-from=theophilusx@gmail.com; helo=mail-pl1-x62c.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: emacs-orgmode-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Seal: i=1; s=key1; d=yhetil.org; t=1671724165; a=rsa-sha256; cv=none; b=ZGADuENXpvEhtf43eiBea4UYZ6Z+JqqFUCOC6hjMs1Hc93kp2c8o61MQyv0CXN/lEi5uT5 GABfQ+HgnVtMGLUi586bVafHfozgXmYYBgSn80ub+NdnwhDRC0mu/5FL+re5skCtY3lvLk M3RXOxWpW5pL7GoKF7WRDBLIQnDZ0EQYkpNg+yiusO7Ly1b7ptxtVnH/chH4Muw+t5PXTd A0SZfiQDFVYFKw5vnsjUd5/FvFzx9zNfMJig3XhWvevZFZPYhavjkxOE9P2j7PPyyzu+c7 WmSNaXssDxHd14GseqnLGjqzwt1Esf1ghL9Pn3PDPR/59wLgAYARZFCYY8TPQg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=JYzMxd5Q; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1671724165; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=ZVoEOUlVrzIltlJHqmvbZQ1mK8QhNC3K9l+nrB83keo=; b=PJ2Q7qonk/sxM/UAnypBAK/654ge6bJtMXhQ5wzFef1Zv8ckRLvTEzpnUM6w9kFdvhsIYd jL8qB8Arj5pSvCD8m7BsHDP/D+MwN0EiGnsXII9cLBV6dIlDwYcp0t+3lxRsejDBdlT6Yw rSSNs812Kuv+xmUNanp1jCeOaHXI926GSe7J+ATkAvVE1tK7hyI++IwvmpPmDQUUaB+Bj1 4jMHyfQQ3WEj9X2GwNUvzB4Xnzaj+9cq/HgJiNvbcQkI5eSe3W2ZsUGdFXmn3XHG5NTFRp DEid9H8zht+kpUSVlL1FREMDS8mVY9yO+wx+VMF3TU8QHcF18Y+2F5EnYS0lhg== X-Spam-Score: -9.54 X-Migadu-Queue-Id: 9D2B432F7B Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=JYzMxd5Q; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com X-Migadu-Scanner: scn0.migadu.com X-Migadu-Spam-Score: -9.54 X-TUID: ovnK7kzAbA3m Max Nikulin writes: > On 22/12/2022 19:34, Ruijie Yu wrote: >> One possible approach to this is to have all org-persist related >> temporary directories into an overall "$TMPDIR/org-persist" directory. > > Predictable name in a "world" writable directory generally is not a good idea. Multiple > users may try to run Org on the same machine. There are some kernel parameters to prevent > certain type of attacks, however I am unsure concerning their default values in various > Linux distributions and what will happen if one user creates a symlink to somewhere the > under home directory of another one. So unfortunately a directory reusable by different > emacs sessions should be avoided. > > Ihor, I do not like that after your latest changes temporary directory became world > readable. > > Another point is that creating temporary files and directories must be an atomic > operation. In between of removing and recreating it an attacker might manage to create a > file with the same name. Could some of the issues people are concerned about regarding use of /tmp be avoided if instead the temporary files were put into ~/.cache? To me, that would seem to be the appropriate location for such files. It would mean that org would need to 'manage' or clean out old files, but that shouldn't be a big issue.