[xmonad] Re: darcs patch: XMonad.Core: rw recompilation
gwern0 at gmail.com
Fri Jun 11 21:53:31 EDT 2010
On Fri, Jun 11, 2010 at 7:42 PM, Jan Vornberger
<Jan.Vornberger at informatik.uni-oldenburg.de> wrote:
> Another stab at this: Indeed putting stuff into /tmp can be a security
> risk. I think one solution is to use something like mkdtemp to create a
> temporary directory in a secure way and pass that to GHC.
> But according to this thread
> http://www.mail-archive.com/[email protected]/msg03101.html
> even mkdtemp can be a problem in combination with tmp cleaners.
> On top of that, there doesn't seem to be an easily available mkdtemp
> implementation for Haskell. Maybe Unixutils on Hackage would fit the bill, but
> I guess we don't really want another package just for that.
> Because of all the security headache, it seems to me that most people
> just give up on /tmp and instead put stuff into directories somewhere
> below the user's home directory.
> So my suggestion: Redirect the intermediate files to
> ~/.xmonad/.ghc_temporary_outputdir and just delete that directory
> This achieves:
> * less ways for GHC to break (after a GHC upgrade), Joachim's initial
> reason for the patch
> * less clutter in ~/.xmonad, as mentioned before as well
> * should work for modular configs too
> * has none of the /tmp security concerns
> Patch is attached! :-) Comments?
Well, that does look like it would work. (Didn't know we *had* a rm
-rf in the libraries.)
It's something of a hack to make our own temporary directory, but I
doubt anyone will ever create such a dot-dir deliberately.
If there really are no other downsides, then I guess this is worth applying.
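
The approach discussed in this thread, as an added Haskell example (not code from the attached patch or from xmonad): build into a private, owner-only directory under `~/.xmonad` instead of a predictable path in `/tmp`, and delete it afterwards. The directory name is the one proposed above; the function names, the GHC arguments and the `xmonad-example` output name are assumptions, and `~/.xmonad` is assumed to exist already.

```haskell
import Control.Exception (finally, throwIO, try)
import Control.Monad (when)
import System.Directory (getHomeDirectory, removeDirectoryRecursive)
import System.Exit (ExitCode)
import System.FilePath ((</>))
import System.IO.Error (isDoesNotExistError)
import System.Posix.Directory (createDirectory)
import System.Posix.Files
  (FileStatus, fileOwner, getSymbolicLinkStatus, isDirectory, isSymbolicLink, ownerModes)
import System.Posix.User (getEffectiveUserID)
import System.Process (rawSystem)

-- | Remove a leftover output directory from an interrupted run, but only if
-- it is a real directory owned by us (lstat semantics: symlinks not followed).
clearStale :: FilePath -> IO ()
clearStale dir = do
  r <- try (getSymbolicLinkStatus dir) :: IO (Either IOError FileStatus)
  case r of
    Left e | isDoesNotExistError e -> return ()   -- nothing left over
           | otherwise             -> throwIO e
    Right st -> do
      uid <- getEffectiveUserID
      when (isSymbolicLink st || not (isDirectory st) || fileOwner st /= uid) $
        ioError (userError (dir ++ ": unexpected file type or owner, refusing to remove"))
      removeDirectoryRecursive dir

-- | Run an action with a fresh ~/.xmonad/.ghc_temporary_outputdir and always
-- delete the directory afterwards, even if the action throws.
withPrivateOutputDir :: (FilePath -> IO a) -> IO a
withPrivateOutputDir act = do
  home <- getHomeDirectory
  let dir = home </> ".xmonad" </> ".ghc_temporary_outputdir"
  clearStale dir
  -- mkdir(2) fails if the path exists, so a directory or symlink that
  -- appears after the check above causes an error instead of being reused.
  createDirectory dir ownerModes                  -- mode 0700, minus umask
  act dir `finally` removeDirectoryRecursive dir

-- | Hypothetical recompile step: GHC writes .o/.hi files to the private dir.
recompile :: IO ExitCode
recompile = withPrivateOutputDir $ \out -> do
  home <- getHomeDirectory
  let cfg = home </> ".xmonad"
  rawSystem "ghc" ["--make", cfg </> "xmonad.hs", "-outputdir", out,
                   "-o", cfg </> "xmonad-example"]

main :: IO ()
main = recompile >>= print
```

Because the parent directory is writable only by the user, no other local account can pre-create the path, which is the property a world-writable `/tmp` cannot give without `mkdtemp`.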