On Fri, Mar 25, 2016 at 10:28:55PM +0800, 惠轶群 wrote:
> >> diff --git a/credential-cache.c b/credential-cache.c
> >> index f4afdc6..40d838b 100644
> >> --- a/credential-cache.c
> >> +++ b/credential-cache.c
> >> @@ -105,7 +105,7 @@ int main(int argc, const char **argv)
> >> op = argv[0];
> >>
> >> if (!socket_path)
> >> - socket_path = expand_user_path("~/.git-credential-cache/socket");
> >> + socket_path = xdg_runtime_dir("credential-cache.sock");
> >> if (!socket_path)
> >> die("unable to find a suitable socket path; use --socket");
> >
> > We do our own mkdir and chmod in credential-cache; this should be
> > redundant with what xdg_runtime_dir() does, and can be removed, right?
>
> But user may specify another path via --socket <path>, this path may have
> wrong permission. I'm considering how to handle this situation.
Good point, we do need to cover that case.
Perhaps the work done by xdg_runtime_dir() needs to be split into two
fucntions: one to just provide the path, and the second to securely
create a given path.
-Peff
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html