• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Question about directory for Application Caches
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Question about directory for Application Caches

  • Subject: Re: Question about directory for Application Caches
  • From: Jason Coco <email@hidden>
  • Date: Fri, 15 Aug 2008 11:33:55 -0400

On Aug 15, 2008, at 11:11 , Jeff Johnson wrote:

Jason,

See the following threads for some discussion of these issues:

http://lists.apple.com/archives/Macnetworkprog/2008/Apr/msg00033.html

http://lists.apple.com/archives/Xcode-users/2008/Jul/msg00283.html

Interesting... thanks, Jeff. So I guess the answer is for speed/non- sensitive cache
data, maybe confstr(_CS_DARWIN_USER_CACHE_DIR, path, length) is the appropriate
call... and maybe for data that may need to actually reside in the filevault, regardless of
speed, the return value from the Cocoa call is more appropriate (~/ Library/Caches)?

I would like to point out a couple of interesting things, though...

1) ~/Library/Caches is world writable too... so as long as you're logged in, even if you have
your filevault armed, you're still gonna be somewhat vulnerable to cache attacks.
2) The new temporary directory (returned the same by confstr(_CS_DARWIN_USER_TEMP_DIR,...)
and NSTemporaryDirectory(...) is also outside the sphere of filevault /and/ your files there
are not necessarily erased on log-out. I think it's cleaned up with the computer boots (although it
may be deleted on shutdown, but I don't think so)... so if any sensitive information were written to
the temp dir and the application relied on it being cleaned by the OS, that could be an issue too if
your physical drive were compromised...

Too bad these aren't sysctl variables that could be set if security were more important to the user
than performance... I checked the darwin source and the directories returned by confstr(...) are
hard-coded into libc...

/Jason

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Question about directory for Application Caches
      • From: Phil <email@hidden>
    • Re: Question about directory for Application Caches
      • From: Jeff Johnson <email@hidden>
References: 
 >Question about directory for Application Caches (From: Jason Coco <email@hidden>)
 >Re: Question about directory for Application Caches (From: Jeff Johnson <email@hidden>)

  • Prev by Date: Re: Table column header not highlighted at first
  • Next by Date: Re: Table column header not highlighted at first
  • Previous by thread: Re: Question about directory for Application Caches
  • Next by thread: Re: Question about directory for Application Caches
  • Index(es):
    • Date
    • Thread