[MacPorts] #56180: use subdir for trace mode socket

MacPorts noreply at macports.org
Thu Mar 29 14:09:37 UTC 2018

#56180: use subdir for trace mode socket
 Reporter:  jmroot       |      Owner:
     Type:  enhancement  |     Status:  new
 Priority:  Normal       |  Milestone:
Component:  base         |    Version:
 Keywords:               |       Port:
 Creating the socket in /tmp means any process can potentially open it.
 This is probably only a DoS vector, but still it's not hard to do better.
 We should put it inside a non-readable temp subdirectory so only processes
 that know the socket name can use it.

 There's a comment in porttrace.tcl that suggests that not doing this is
 deliberate, but I suspect the author didn't fully understand the problem
 and how it's usually solved.

Ticket URL: <https://trac.macports.org/ticket/56180>
MacPorts <https://www.macports.org/>
Ports system for macOS

More information about the macports-tickets mailing list