[xmonad] Re: darcs patch: XMonad.Core: rw recompilation

Gwern Branwen gwern0 at gmail.com
Fri Jun 11 21:53:31 EDT 2010


On Fri, Jun 11, 2010 at 7:42 PM, Jan Vornberger
<Jan.Vornberger at informatik.uni-oldenburg.de> wrote:
> Another stab at this: Indeed putting stuff into /tmp can be a security
> risk. I think one solution is to use something like mkdtemp to create a
> temporary directory in a secure way and pass that to GHC.
>
> But according to this thread
>  http://www.mail-archive.com/[email protected]/msg03101.html
> even mkdtemp can be a problem in combination with tmp cleaners.
> On top of that, there doesn't seem to be an easily available mkdtemp
> implementation for Haskell. Maybe Unixutils on Hackage would fit the bill, but
> I guess we don't really want another package just for that.
>
> Because of all the security headache, it seems to me that most people
> just give up on /tmp and instead put stuff into directories somewhere
> below the user's home directory.
>
> So my suggestion: Redirect the intermediate files to
> ~/.xmonad/.ghc_temporary_outputdir and just delete that directory
> afterwards.
>
> This achieves:
>  * fewer ways for GHC to break (after a GHC upgrade), Joachim's initial
>    reason for the patch
>  * less clutter in ~/.xmonad, as mentioned before as well
>  * should work for modular configs too
>  * has none of the /tmp security concerns
>
> Patch is attached! :-) Comments?
>
> Regards,
> Jan

Well, that does look like it would work. (Didn't know we *had* a rm
-rf in the libraries.)

It's something of a hack to make our own temporary directory, but I
doubt anyone will ever create such a dot-dir deliberately.

If there really are no other downsides, then I guess this is worth applying.

-- 
gwern
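
The approach discussed in this message (a fixed output directory below ~/.xmonad, handed to GHC and deleted afterwards), as an added example that is not the attached patch or xmonad's own code. It assumes GHC's `-outputdir` flag is how the directory is passed and that `xmonad.hs` lives in `~/.xmonad`; `withOutputDir`, `build` and the lstat check before the recursive delete are hypothetical additions.

```haskell
import Control.Exception (IOException, bracket_, try)
import System.Directory (getHomeDirectory, removeDirectoryRecursive)
import System.Exit (ExitCode, exitWith)
import System.FilePath ((</>))
import qualified System.Posix.Directory as Posix
import System.Posix.Files (FileStatus, getSymbolicLinkStatus, isDirectory, ownerModes)
import System.Process (CreateProcess (cwd), createProcess, proc, waitForProcess)

-- Run an action with a private output directory below `base`, which is
-- assumed to be writable only by the user (unlike /tmp). The directory is
-- removed afterwards, also when the action throws.
withOutputDir :: FilePath -> (FilePath -> IO a) -> IO a
withOutputDir base act = do
  let dir = base </> ".ghc_temporary_outputdir"
  -- lstat, not stat: a symlink is reported as a symlink, so a link that
  -- points elsewhere is never handed to the recursive delete.
  existing <- try (getSymbolicLinkStatus dir) :: IO (Either IOException FileStatus)
  case existing of
    Left _ -> return ()                               -- nothing there yet
    Right st
      | isDirectory st -> removeDirectoryRecursive dir -- stale leftover from a crash
      | otherwise -> ioError (userError (dir ++ " exists and is not a directory"))
  bracket_
    (Posix.createDirectory dir ownerModes)            -- mkdir with mode 0700; fails if the path exists
    (removeDirectoryRecursive dir)
    (act dir)

-- Compile xmonad.hs from `base`, sending .hi/.o files to `out`.
build :: FilePath -> FilePath -> IO ExitCode
build base out = do
  (_, _, _, h) <- createProcess
    (proc "ghc" ["--make", "xmonad.hs", "-outputdir", out]) { cwd = Just base }
  waitForProcess h

main :: IO ()
main = do
  home <- getHomeDirectory
  let base = home </> ".xmonad"
  exitWith =<< withOutputDir base (build base)
```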