2016-03-26 1:56 GMT+08:00 Jeff King <peff@xxxxxxxx>: > On Fri, Mar 25, 2016 at 10:28:55PM +0800, 惠轶群 wrote: > >> >> diff --git a/credential-cache.c b/credential-cache.c >> >> index f4afdc6..40d838b 100644 >> >> --- a/credential-cache.c >> >> +++ b/credential-cache.c >> >> @@ -105,7 +105,7 @@ int main(int argc, const char **argv) >> >> op = argv[0]; >> >> >> >> if (!socket_path) >> >> - socket_path = expand_user_path("~/.git-credential-cache/socket"); >> >> + socket_path = xdg_runtime_dir("credential-cache.sock"); >> >> if (!socket_path) >> >> die("unable to find a suitable socket path; use --socket"); >> > >> > We do our own mkdir and chmod in credential-cache; this should be >> > redundant with what xdg_runtime_dir() does, and can be removed, right? >> >> But user may specify another path via --socket <path>, this path may have >> wrong permission. I'm considering how to handle this situation. > > Good point, we do need to cover that case. > > Perhaps the work done by xdg_runtime_dir() needs to be split into two > fucntions: one to just provide the path, and the second to securely > create a given path. Good, I will implement it like that. > > -Peff -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html