On Saturday, 1 October 2016 at 18:24:07 UTC, Andrei Alexandrescu
wrote:
Granted, no contest. Seems to me we could be a better denizen
of said junkyard. What I noticed other apps do is create one
directory in /tmp and then place their junk in there. -- Andrei
Yeah, it is both common and "wrong" (considered insecure) :)
Problem is that it allows one to hijack output from the binary
and redirect it somewhere else. If binary is running as
privileged user, it can possibly be used as an attack vector.
Not like this is real security concern in dmd case but guidelines
like "don't make /tmp/ path predictable" exist exactly so that
one can have simple safe default and not worry about
possibilities.
Sure, it makes things less pretty, but beauty of /tmp/ layout is
hardly an important goal to follow. It seems like more practical
issue is simply that no regular destruction of /tmp/ happens on
your system.
