Bug 36773 - Create XDG_CONFIG_HOME with 0700 permissions
Summary: Create XDG_CONFIG_HOME with 0700 permissions
Alias: None
Product: xdg-user-dirs
Classification: Unclassified
Component: General (show other bugs)
Version: unspecified
Hardware: Other All
: medium normal
Assignee: Alexander Larsson
QA Contact:
Depends on:
Reported: 2011-05-02 07:36 UTC by Vincent Untz
Modified: 2011-05-03 01:30 UTC (History)
0 users

See Also:
i915 platform:
i915 features:

Patch (904 bytes, patch)
2011-05-02 07:36 UTC, Vincent Untz
Details | Splinter Review

Description Vincent Untz 2011-05-02 07:36:46 UTC
Created attachment 46255 [details] [review]

We currently create it with 0755 permissions, which is wrong. The spec clearly says "If, when attempting to write a file, the destination directory is non-existant an attempt should be made to create it with permission 0700."

I'm wondering if we should fix the permissions for existing account. The spec mentions "If the destination directory exists already the permissions should not be changed.", but I'm afraid that many apps might be doing the same mistake so it might be worth just forcing this? Especially as some apps put passwords in XDG_CONFIG_HOME. Same thing for XDG_DATA_HOME, for which we could also fix the permissions at the same time...
Comment 1 Alexander Larsson 2011-05-03 01:05:22 UTC
I applied the patch, and will be doing a release with it.
I'm not sure we should be modifying the permissions though...

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.