[Users] [Bug 2828] Use MD5 digest for socket name

[Rich Pieri]

On Sun, 2 Dec 2012 19:37:18 +0100
Colin Leroy <colin at colino.net> wrote:

> In fact concurrent mailbox access is OK, be it MH or IMAP.

Okay, I guess we don't agree on this point. :)

The UW, Courier and Dovecot IMAP servers try to be meticulous about
locking files and directories before performing potentially destructive
operations. They do this specifically to avoid concurrent writes which
would result in damaged or destroyed mail.

I won't make statements about MH or nhm since I haven't used them in
many years.

Consider this: user has his home directory on NFS or AFS. User starts
CM on one workstation. User starts CM on another workstation. This is a
concurrency problem. Unix Domain Sockets are local to the nodes they
are created on. There is no place that you can put the lock socket
where the second instance can tell that it is the second instance. Both
instances have full write access to the same claws-mark and claws-cache
files in the MH directories.

This is an environment that I work in every day: I manage an AFS cell
for about 150 users. One of my faculty lost 3 months worth of mail late
last year due to a similar problem involving Thunderbird.

There's a new wrinkle coming down the 'pike: Dropbox. Colleges and
universities that have traditionally provided computing facilities to
students have been looking at Dropbox to replace or supplement NFS and
AFS home directories. Consider how messy things can get if a user with
such a profile logs in and starts CM before the Dropbox software fully
synchronizes the configuration and cache (to wit: a partial copy of the
config directory).

I've not seen this implemented yet so I can't say just how bad it would
be. One of my reasons for addressing the socket path is to put a CM
configuration in a Dropbox folder to see what happens under various
abuses. The worst case I can imagine falls into the "catastrophic"
category.

-- 
Rich P.