From 6980aa72cf9d93d7462f449b70c6ed1c022e9e04 Mon Sep 17 00:00:00 2001
From: Johannes Knoedtel <johannes.knoedtel@fau.de>
Date: Tue, 15 Dec 2020 19:12:46 +0100
Subject: [PATCH] use XDG_RUNTIME_DIR instead of /tmp
The issue is, that POSIX only enforces the permissions of the containing directory but not the permissions of the socket itself. This can lead to potential security issues, as the command socket is not built for untrusted input. In the case that `XDG_RUNTIME_DIR` is not available, a directory under `/tmp` is created having the correct permissions to protect the socket under it.
---
 client/client.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/client/client.py b/client/client.py
index 4423c7e..310abef 100755
--- a/client/client.py
+++ b/client/client.py
@@ -11,6 +11,8 @@ import time
 import logging
 import argparse
 import websockets
+import pathlib
+import tempfile
 class MPV:
@@ -159,7 +161,14 @@ running""",
 del args.start_mpv
 if args.mpv_socket is None:
- args.mpv_socket = "/tmp/mpvsocket"
+ if "XDG_RUNTIME_DIR" in os.environ:
+ args.tmp_dir = None
+ xdg_runtime_dir = os.environ["XDG_RUNTIME_DIR"]
+ else:
+ args.tmp_dir = tempfile.TemporaryDirectory(dir="/tmp", prefix="mpvsync-")
+ xdg_runtime_dir = args.tmp_dir.name
+
+ args.mpv_socket = pathlib.Path(xdg_runtime_dir) / "mpvsocket"
 elif not is_socket(args.mpv_socket):
 parser.error(
 f"""The given socket path {args.mpv_socket} is not a UNIX socket"""
@@ -183,6 +192,8 @@ def main():
 asyncio.run(async_main(args))
 except KeyboardInterrupt:
 logging.info("Got KeyboardInterrupt. Terminating gracefully.")
+ if args.tmp_dir is not None:
+ args.tmp_dir.cleanup()
 sys.exit(0)
-- GitLab
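Review bot: `XDG_RUNTIME_DIR` is taken from the environment as-is in the new `if "XDG_RUNTIME_DIR" in os.environ:` branch, so the property the commit message relies on (a containing directory only the user can enter) is assumed rather than checked. An empty value makes `pathlib.Path("") / "mpvsocket"` a relative path in the current working directory, and a value naming a missing, foreign-owned or group/world-accessible directory is accepted as well. I would accept the variable only when it is absolute, exists, is owned by `os.getuid()` and has no group/other permission bits, and otherwise fall back to the `TemporaryDirectory`, as sketched below. Separately, `args.tmp_dir` is assigned only inside `if args.mpv_socket is None:`, so with an explicit socket path the later `args.tmp_dir is not None` check in `main()` would raise `AttributeError` unless the attribute is set somewhere outside the visible hunks; the sketch sets it up front. The enclosing function starts and ends outside the hunk.

```python
# Set on every path so later readers of args.tmp_dir never hit a missing attribute.
args.tmp_dir = None
if args.mpv_socket is None:
    runtime_dir = os.environ.get("XDG_RUNTIME_DIR", "")
    usable = False
    if os.path.isabs(runtime_dir):
        try:
            st = os.stat(runtime_dir)
        except OSError:
            pass
        else:
            # Trust the directory only if it is ours and closed to group/other.
            usable = (
                os.path.isdir(runtime_dir)
                and st.st_uid == os.getuid()
                and st.st_mode & 0o077 == 0
            )
    if not usable:
        args.tmp_dir = tempfile.TemporaryDirectory(dir="/tmp", prefix="mpvsync-")
        runtime_dir = args.tmp_dir.name
    args.mpv_socket = pathlib.Path(runtime_dir) / "mpvsocket"
# … unchanged: elif not is_socket(args.mpv_socket): parser.error(...) …
```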
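Review bot: `args.tmp_dir.cleanup()` appears to run only on the `except KeyboardInterrupt:` path (indentation is lost in this rendering, so the placement is inferred from line order). When `async_main` returns normally or raises anything else, removal of the `mpvsync-` directory under `/tmp` and the socket inside it is left to `TemporaryDirectory`'s implicit finalizer instead of an explicit call. Moving the two added lines into a `finally:` clause of the same `try` covers every exit path: `finally:` followed by `if args.tmp_dir is not None:` and `args.tmp_dir.cleanup()`. `main()` starts above the hunk, so the `try` itself is not visible here.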