On 7/28/25 19:13, Demi Marie Obenour wrote: > This moves various calls to mkdir(1) to very early boot, before any > services are running. This has two advantages: > > 1. These directories are guaranteed to exist. Code can just assume that > they are there without checking for them. > > 2. Malicious code running as an unprivileged user cannot create > directories under /tmp before legitimate code has done so. > > The following directories are created under /tmp: > > - /tmp/.font-unix (used by obsolete X Font Server) is created with mode > 0000. > - The directories used by X11 are created with 1700 permissions: > - /tmp/.X11-unix (X server) > - /tmp/.ICE-unix (Inter-Client Exchange) > - /tmp/.XIM-unix (X Input Methods) > - $XDG_RUNTIME_DIR (/run/user/0) is created with 0700 permissions, as > expected by the XDG specification. > > The copyright notice for directory creation is not kept because making > one directories with well-known names and permissions is not > copyrightable and the code has been rewritten. > > Signed-off-by: Demi Marie Obenour > --- > Changes since v6: > > - Add missing S-o-b > - Add comments explaining why each directory needs to be created. > - Fix spelling errors in commit messages. > > Changes since v5: > > - Remove "directories" service in favor of creating the directories from > rc.init. > --- > img/app/etc/s6-linux-init/scripts/rc.init | 13 +++++++++++++ > img/app/etc/s6-rc/wayland-proxy-virtwl/run | 10 ---------- > 2 files changed, 13 insertions(+), 10 deletions(-) > > diff --git a/img/app/etc/s6-linux-init/scripts/rc.init b/img/app/etc/s6-linux-init/scripts/rc.init > index c5a59245ff3761e94acb974edde967806fb3b234..7744286d0282bb8e0cc40973c6a6eae4c9401630 100755 > --- a/img/app/etc/s6-linux-init/scripts/rc.init > +++ b/img/app/etc/s6-linux-init/scripts/rc.init 
> @@ -1,10 +1,23 @@ > #!/bin/execlineb -P > # SPDX-License-Identifier: EUPL-1.2+ > # SPDX-FileCopyrightText: 2020-2022 Alyssa Ross > +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour > > if { s6-rc-init -c /etc/s6-rc /run/service } > > if { modprobe overlay } > if { mount -a --mkdir } > > +# X Font Server is obsolete > +if { mkdir -m 0000 /tmp/.font-unix } > + > +# /tmp/.X11-unix: X11 server > +# /tmp/.ICE-unix: X11 Inter-Client Exchange > +# /tmp/.XIM-unix: X11 input methods > +# Some documentation states sticky bit is required. > +if { mkdir -m 1700 /tmp/.X11-unix /tmp/.ICE-unix /tmp/.XIM-unix } > + > +# /run/user/0: "$XDG_RUNTIME_DIR" > +if { mkdir -m 0700 /run/user/0 } > + > s6-rc change ok-all > diff --git a/img/app/etc/s6-rc/wayland-proxy-virtwl/run b/img/app/etc/s6-rc/wayland-proxy-virtwl/run > index 0715d912953c8a1d326059dfd37c29799fcbb053..c1e0e088c789ab8c5fde7e50c9f4b856fff0e477 100755 > --- a/img/app/etc/s6-rc/wayland-proxy-virtwl/run > +++ b/img/app/etc/s6-rc/wayland-proxy-virtwl/run > @@ -1,16 +1,6 @@ > #!/bin/execlineb -P > # SPDX-License-Identifier: EUPL-1.2+ > # SPDX-FileCopyrightText: 2023-2024 Alyssa Ross > -# > -# Directory creation (if it's copyrightable): > -# SPDX-License-Identifier: MIT > -# SPDX-FileCopyrightText: 2022 Unikie > - > -foreground { mkdir /tmp/.X11-unix } > -foreground { > - umask 077 > - mkdir /run/user/0 > -} > > s6-ipcserver-socketbinder -B /run/user/0/wayland-0 > fdmove -c 3 0 Whoops, forgot to run `git config --global format.thread shallow` before sending. -- Sincerely, Demi Marie Obenour (she/her/hers)
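Review bot: in the rc.init hunk the `mkdir` calls deliberately omit `-p`, and that omission is what delivers the second advantage named in the commit message: if an unprivileged user has already created `/tmp/.X11-unix`, `mkdir` fails, `if { ... }` aborts rc.init before `s6-rc change ok-all`, and the system fails closed instead of adopting a planted directory. This is also a behaviour change from the removed `foreground { mkdir /tmp/.X11-unix }`, which ignored failure. Both facts deserve a comment next to the calls, e.g. `# no -p: a pre-existing directory is an error, see commit message`, so a later cleanup does not add `-p` and silently reintroduce the problem. Separately, `# Some documentation states sticky bit is required.` should name that documentation: with a 0700 directory the sticky bit does not change who may unlink entries, so the reader needs to know it is kept for software that checks for the bit rather than for access control.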
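Review bot: after this hunk the run script still binds `/run/user/0/wayland-0` but no longer creates `/run/user/0`, so it now depends on rc.init having run first; a one-line comment such as `# /run/user/0 is created by rc.init` would keep the service readable on its own. The commit message should also mention that the removed `mkdir /tmp/.X11-unix` had no `-m`, so its mode came from the default umask, whereas rc.init now creates it 1700, which only root can traverse; confirm nothing in the image connects to that socket as a non-root user. The removed `umask 077` plus `mkdir /run/user/0` is equivalent to the new `mkdir -m 0700`, so that part is a pure move.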