On 22/12/2022 19:34, Ruijie Yu wrote:
> One possible approach to this is to have all org-persist related temporary directories into an overall "$TMPDIR/org-persist" directory.
A predictable name in a "world" writable directory is generally not a good idea. Multiple users may try to run Org on the same machine. There are some kernel parameters to prevent certain types of attacks; however, I am unsure concerning their default values in various Linux distributions and what will happen if one user creates a symlink to somewhere under the home directory of another one. So unfortunately a directory reusable by different Emacs sessions should be avoided.
Ihor, I do not like that after your latest changes the temporary directory became world readable.
Another point is that creating temporary files and directories must be an atomic operation. In between removing and recreating it, an attacker might manage to create a file with the same name.
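
Added example, not part of the original message and not org-persist's own code: an Emacs Lisp sketch contrasting the remove-and-recreate pattern on a predictable name with atomic creation through `make-temp-file`, followed by a check that the result is private. The `my/` function names and the "org-persist-" prefix are assumptions for illustration, and the ownership and mode checks assume a POSIX system.

```elisp
;;; -*- lexical-binding: t; -*-
;; Added illustration; every `my/' name is hypothetical.

(defun my/unsafe-recreate (dir)
  "Pattern to avoid: DIR has a predictable name and is removed, then recreated."
  (when (file-exists-p dir)
    (delete-directory dir t))
  ;; Window: another local user can create DIR, or a symlink named DIR, here.
  ;; With PARENTS non-nil, `make-directory' does not signal an error when DIR
  ;; already exists, and a directory it does create gets its mode from the
  ;; umask (commonly 0755, i.e. world readable).
  (make-directory dir t)
  dir)

(defun my/private-dir-p (dir)
  "Return non-nil if DIR is a real directory, owned by us, with mode 0700."
  ;; `file-attributes' does not follow a symlink: for a symlink the type
  ;; field is a string (the link target), for a directory it is t.
  (let ((attrs (file-attributes dir 'integer)))
    (and attrs
         (eq (file-attribute-type attrs) t)
         (= (file-attribute-user-id attrs) (user-uid))
         (= (logand (file-modes dir) #o777) #o700))))

(defun my/fresh-private-temp-dir (prefix)
  "Create a new private directory under `temporary-file-directory'.
With a non-nil DIR-FLAG, `make-temp-file' appends random characters to
PREFIX and creates the directory in the same step, retrying with another
name if the candidate exists, so name choice and creation are not
separated by a gap."
  (let ((dir (make-temp-file prefix t)))
    ;; Verify rather than assume before storing anything in it.
    (unless (my/private-dir-p dir)
      (error "Temporary directory %s is not private" dir))
    dir))

;; Usage: create, inspect, and clean up one directory.
(let ((dir (my/fresh-private-temp-dir "org-persist-")))
  (unwind-protect
      (message "%s private=%s" dir (my/private-dir-p dir))
    (delete-directory dir t)))
```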