Closed Bug 181146 Opened 22 years ago Closed 13 years ago

Rethink use of TMPDIR in xpcom/io/nsSpecialSystemDirectory.cpp

Categories

(Core :: XPCOM, defect)

Product:
Core
Component:
XPCOM
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INCOMPLETE
Milestone:
Future

People

(Reporter: tenthumbs, Unassigned)

Details

In typical unix fashion, using TMPDIR may or may not be the wrong thing to do depending on which platform you're using. The BSD crowd uses TMPDIR. That's usually fine but environment variables are a potential security issue for a setuid program. The SYSV crowd don't like this so they use the P_tmpdir symbol in stdio.h and ignore TMPDIR. The glibc people try to do both with mixed results. Mozilla gets it wrong no matter which way it should go. Using TMPDIR if it should be using P_tmpdir is almost certainly a platform security issue. Using any environment variable without check for suid isn't good either. Pulling random names out of thin air, like TEMP or TMP, and using them is just asking for trouble. Obviously it's possible to fix this but I think xpcom is the wrong place to do it. Personally, I think all this sort of platform-specific stuff belongs in the thing that launches mozilla-bin, then xpcom could just check for a known environment variable (or a command line arg, or whatever) and just be about it's business. I don't actually expect anyone to fix this very soon but it _is_ an issue.
As a note, people depend on $TEMP and $TMP to work in the real world (this is why I added them to the existing $TEMPDIR code).
If you mean bug 176887 then it's a case of one person who thought that TMP and TEMP are nice names. If you mean bug 168614 then it's two people who think TMP and TEMP are nice. All of which is irrelevant. On Linux glibc *only* examines TMPDIR. Mozilla should honor the platform's standards. In fact mozilla should use library calls to deduce the appropriate temp directory to use. It should definitely not guess. On a platform that thinks TMPDIR is bad, should mozilla use it anyway? I think not. Of course, on such a platform a user probably wouldn't define it anyway. My point is that mozilla shouldn't randomly decide a particular object/method/whatever is valid just because it wants to. And yes I know what I would do but doing it all in xpcom is rather silly.
cc'ing some folk that may have an opinion on this.
lets move this conversation to the newsgroup. If there is any work required, this can be the tracking bug.
Target Milestone: --- → Future
Assignee: dougt → nobody
QA Contact: scc → xpcom
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.