Re: .steprc problem

Frank Ronny Larsen (gobo@gimle.nu)
Wed, 20 Sep 2000 15:48:45 +0200


> On Thu, Sep 07, 2000 at 09:49:00AM +0200, Frank Ronny Larsen wrote:
> > I'm sure this has been discussed here before, but what is the reason
> > this socket is located in the users home directory? On large sites the
> > home directory is very likely to be placed on an NFS mounted system instead
> > of a local disk.
> > 
> > /tmp would be a much more logical place to put this file. (as is done by
> > most other programs using file-sockets..) Only on very rare occassions
> > have I seen /tmp being NFS mounted. (and that was diskless workstations). 
> 
> The pipe was originally in the /tmp directory and it was moved
> to the home directory so that two users starting on the same
> machine would not attempt to write each other's files.
> There is also a security problem with placing the file
> into the /tmp - you all heard of possible race conditions
> and it is a good idea to think of that before you create
> a file in the /tmp. Of course, having the pipe on NFS
> does not make any sense at all but there should be a better
> solution than to just create a file in the /tmp.

Isn't this what /tmp is for?

Solution for two-users-problem: create a file named
   /tmp/afterstep_PID_connect.DISPLAY=:0.0
owned and accessible only by the user that owns the corresponding PID. 
With the correct permissions (600?) set, this shouldn't be that much of a 
security problem.

> As for the cure, usually your workstation will have some
> local disk space. Move (without afterstep running) the
> non-configurable directory from your home dir to that
> local disk and create a symbolic link that will point
> there from your ~/G/L/A directory.

This solution will not work in the scenario I described, since the actual 
problem is that the user does not have a permanent workstation. To use 
this cure you would have to create the directory you're symlinking to on 
every computer in the lab that you might log into.

I'll stick my nose down the CVS code and see if I can make this better. I 
just need a kick of inspiration, which has been rather lacking lately. :(

FrankRL


--------------------------------------------------------------------
To unsubscribe from this mailing list, simply type the following at #
echo "unsubscribe as-users <your_email>" | mail majordomo@afterstep.org