36773 – Create XDG_CONFIG_HOME with 0700 permissions

Bug 36773 - Create XDG_CONFIG_HOME with 0700 permissions

Summary: Create XDG_CONFIG_HOME with 0700 permissions

Status:	RESOLVED FIXED

Alias:	None

Product:	xdg-user-dirs
Classification:	Unclassified
Component:	General (show other bugs)
Version:	unspecified
Hardware:	Other All

Importance:	medium normal
Assignee:	Alexander Larsson
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2011-05-02 07:36 UTC by Vincent Untz
Modified:	2011-05-03 01:30 UTC (History)
CC List:	0 users

See Also:
i915 platform:
i915 features:

Attachments
Patch (904 bytes, patch) 2011-05-02 07:36 UTC, Vincent Untz	Details \| Splinter Review
View All

Description Vincent Untz 2011-05-02 07:36:46 UTC

Created attachment 46255 [details] [review]
Patch

We currently create it with 0755 permissions, which is wrong. The spec clearly says "If, when attempting to write a file, the destination directory is non-existant an attempt should be made to create it with permission 0700."

I'm wondering if we should fix the permissions for existing account. The spec mentions "If the destination directory exists already the permissions should not be changed.", but I'm afraid that many apps might be doing the same mistake so it might be worth just forcing this? Especially as some apps put passwords in XDG_CONFIG_HOME. Same thing for XDG_DATA_HOME, for which we could also fix the permissions at the same time...

Comment 1 Alexander Larsson 2011-05-03 01:05:22 UTC

I applied the patch, and will be doing a release with it.
I'm not sure we should be modifying the permissions though...

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.