On Fri, 07.06.13 22:33, Richard W.M. Jones (rjones@xxxxxxxxxx) wrote:

> On Fri, Jun 07, 2013 at 06:55:46PM +0200, Lennart Poettering wrote:
> > User "simo" creates /dev/shm/1000/ even though 1000 is the UID of user
> > "lennart". Lennart can never start PA again, ever. And can't do anything
> > about it, because "simo" is in control, and /dev/shm is sticky.
>
> For /run we create /run/user/<uid> in pam_systemd (I think?).
> Can we do the same for /dev/shm/<uid>?

There's no benefit in doing that. /run/user is not world-writable. Hence creating this dir at login time is totally safe, since only trusted code can create dirs in there.

This is different for /dev/shm which is world-writable, and where creating dirs at login doesn't solve anything, because any unprivileged user could easily create dirs for all users and then make it impossible to log in for them.

Lennart

--
Lennart Poettering - Red Hat, Inc.
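
The check a program would need before trusting a `<uid>` directory under a world-writable, sticky parent such as /dev/shm, written as an added example (not code from this thread, PulseAudio or systemd). The function name `open_private_dir` is hypothetical; the check detects a directory created by another user, but all it can do is refuse it, which is the denial of service described in the message above.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE   /* O_DIRECTORY, O_NOFOLLOW, O_CLOEXEC, mkdtemp */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: returns an fd for parent/<uid> if it is a real
 * directory owned by `uid` with no group/other access, otherwise a
 * negative errno value. */
int open_private_dir(const char *parent, uid_t uid)
{
    char path[4096];
    struct stat st;
    int fd;

    if (snprintf(path, sizeof path, "%s/%lu", parent, (unsigned long)uid)
            >= (int)sizeof path)
        return -ENAMETOOLONG;

    /* EEXIST is not success: another user may have created it first. */
    if (mkdir(path, 0700) < 0 && errno != EEXIST)
        return -errno;

    /* O_NOFOLLOW rejects a symlink planted under the expected name. */
    fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -errno;

    /* fstat the fd we hold, so the checks cannot race a replacement. */
    if (fstat(fd, &st) < 0) {
        int e = errno;
        close(fd);
        return -e;
    }
    if (st.st_uid != uid || (st.st_mode & 077) != 0) {
        close(fd);
        return -EACCES;   /* squatted or too permissive: refuse to use it */
    }
    return fd;
}
```
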