Max Nikulin <maniku...@gmail.com> writes:
> On 22/12/2022 19:34, Ruijie Yu wrote: >> One possible approach to this is to have all org-persist related >> temporary directories into an overall "$TMPDIR/org-persist" directory. > > Predictable name in a "world" writable directory generally is not a good > idea. Multiple > users may try to run Org on the same machine. There are some kernel > parameters to prevent > certain type of attacks, however I am unsure concerning their default values > in various > Linux distributions and what will happen if one user creates a symlink to > somewhere the > under home directory of another one. So unfortunately a directory reusable by > different > emacs sessions should be avoided. > > Ihor, I do not like that after your latest changes temporary directory became > world > readable. > > Another point is that creating temporary files and directories must be an > atomic > operation. In between of removing and recreating it an attacker might manage > to create a > file with the same name. Could some of the issues people are concerned about regarding use of /tmp be avoided if instead the temporary files were put into ~/.cache? To me, that would seem to be the appropriate location for such files. It would mean that org would need to 'manage' or clean out old files, but that shouldn't be a big issue.