Skip to content

Set XDG_RUNTIME_DIR perimssions to 700 #174

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
slp merged 1 commit into from
Jun 12, 2025
Merged

Set XDG_RUNTIME_DIR perimssions to 700 #174

slp merged 1 commit into from
Jun 12, 2025

Conversation

@kitlith
Copy link
Contributor

@kitlith kitlith commented May 14, 2025

The current behavior seems to date back to the initial commit of the original C version of this tool:

teohhanhui/krun.legacy@01ae759#diff-ba1f55157a5e8661da39884a2669de7c912ff94d98134d6d520ed0468670e39bR198

Is anything relying on this extra permissiveness? I didn't notice any breakage in a quick test after patching this (consisting of launching Balatro through steam, nevermind that I normally just use the native build of love to run balatro) but that doesn't mean much.

@kitlith
Set XDG_RUNTIME_DIR perimssions to 700
fe3fc43 
From the spec: "Its Unix access mode MUST be 0700". Some software
will check this and throw an error if it isn't. For instance, the
xdg crate returns an `Err(XdgRuntimeDirInsecure(/*...*/))` under
muvm.

Signed-off-by: Kitlith <kitlith@kitl.pw>
@kitlith kitlith force-pushed the xdg_runtime_700 branch from 654ea3e to fe3fc43 Compare May 14, 2025 06:47
@teohhanhui
Copy link
Collaborator

teohhanhui commented May 14, 2025

Relevant section of the spec:

$XDG_RUNTIME_DIR defines the base directory relative to which user-specific non-essential runtime files and other file objects (such as sockets, named pipes, ...) should be stored. The directory MUST be owned by the user, and they MUST be the only one having read and write access to it. Its Unix access mode MUST be 0700.

https://specifications.freedesktop.org/basedir-spec/latest/

@slp slp merged commit ef920fb into AsahiLinux:main Jun 12, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@teohhanhui teohhanhui teohhanhui approved these changes

@slp slp Awaiting requested review from slp slp is a code owner

@alyssarosenzweig alyssarosenzweig Awaiting requested review from alyssarosenzweig alyssarosenzweig is a code owner

@WhatAmISupposedToPutHere WhatAmISupposedToPutHere Awaiting requested review from WhatAmISupposedToPutHere WhatAmISupposedToPutHere is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kitlith @teohhanhui @slp