Re: Xcode 3.1 is available at connect.apple.com (Part 2b)
Re: Xcode 3.1 is available at connect.apple.com (Part 2b)
- Subject: Re: Xcode 3.1 is available at connect.apple.com (Part 2b)
- From: Bill Bumgarner <email@hidden>
- Date: Sat, 12 Jul 2008 13:53:20 -0700
On Jul 12, 2008, at 1:25 PM, Jeff Johnson wrote:
Thanks for the information. I assume that Xcode 2.5 is still
vulnerable to this, then?
Yes, not that it is a huge vulnerability, but it is.
I don't understand, though, why "~/Library/Caches" isn't used, as
opposed to either "/Library/Caches" or "/var/folders". It seems to
me that all user-specific files should go within the user's home.
You can make an exception for network home directories, as Jens
Alfke suggests, but for everyone else they should go in the home
directory by default.
Security is a compromise between performance/convenience and, well,
security.
Sticking the cache in ~ would make sense in that a filevault'd home
account would have it locked down, but performance goes out the window
with networked filesystems or, though not as badly, filevault. It
isn't limited entirely to local vs. network, either. Quite a few folks
have their home account on an external drive that is potentially on a
comparatively slow interface as compared to the internal drive of the
machine. The cache files need to be on fast storage and this can be
problematic. Thus, detecting exactly when it would be appropriate to
use ~ vs. / is actually fairly difficult to do reliably.
b.bum
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden