[Users] [Bug 2828] Use MD5 digest for socket name

[Holger Berndt]

On Do, 29.11.2012 20:17, Rich Pieri wrote:

>> If it's to be per-user, it should just use XDG_RUNTIME_DIR.
>
>XDG_RUNTIME_DIR is not defined unless you are running an XDG-compliant
>desktop on the host where Claws Mail is running. Examples where
>XDG_RUNTIME_DIR is not defined include: Macintosh, Windows, and using
>"ssh -Y" to log into a remote server.

In fact, when I ssh into my machine, it is set. Not that it would
matter. And I don't really care about a good place to put unix
domain sockets on windows right now, thank you very much.

In general, it's good practise to follow conventions and user/system
requests where it makes sense, and provide reasonable fallbacks
otherwise. g_get_user_runtime_dir(), for example, falls back to the
cache dir when XDG_RUNTIME_DIR is not set (or on windows).

>> But anyways, it's a matter of preference what's more valuable: Safety
>> against different uids trying to mess with the same config dir at the
>> same time, or DoS prevention. Personally, I lean towards the second.
>
>This is not a matter of preference. Losing mail is the worst possible
>event. Anything that results in lost mail is incorrect behavior and
>must be avoided. There are no exceptions to this rule.

I doubt that you have the authority (or insight) to make this kind of
design decisions for Claws Mail. That's up to the maintainers.

By the way, we're not talking about concurrent access to mailboxes, and
possible mail data corruption or information loss due to that. That's
not prohibited with --alternate-config-dir anyways.

Holger