rust-lang/rust
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
d39afacbdfbc4fb1f8a6dcdb4af7c357bae8f7db
rust/library/std/src/sys/pal/unix
History
许杰友 Jieyou Xu (Joe) f860f5bf90 Rollup merge of #131505 - madsmtm:darwin_user_temp_dir, r=dtolnay 
use `confstr(_CS_DARWIN_USER_TEMP_DIR, ...)` as a `TMPDIR` fallback on Darwin

Rebased version of https://github.com/rust-lang/rust/pull/100824, FCP has completed there. Motivation from https://github.com/rust-lang/rust/pull/100824#issuecomment-1262264127:

> This is a behavioral change in an edge case on Darwin platforms (macOS, iOS, ...).
>
> Specifically, this changes it so that iff `TMPDIR` is unset in the environment, then we use `confstr(_CS_DARWIN_USER_TEMP_DIR, ...)` to query the user temporary directory (previously we just returned `"/tmp"`). If this fails (probably possible in a sandboxed program), only then do we fallback to `"/tmp"` (as before).
>
> The motivations here are two-fold:
>
> 1. This is better for security, and is in line with the [platform security recommendations](https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/Articles/RaceConditions.html#//apple_ref/doc/uid/TP40002585-SW10), as it is unavailable to other users (although it is the same value as seen by all other processes run by the same user).
> 2. This is a more consistent fallback for when `getenv("TMPDIR")` is unavailable, as `$TMPDIR` is usually initialized to the `DARWIN_USER_TEMP_DIR`.
>
> It seems quite unlikely that anybody will break because of this, and I think it falls under the carve-out we have for platform specific behavior: https://doc.rust-lang.org/nightly/std/io/index.html#platform-specific-behavior.

Closes https://github.com/rust-lang/rust/issues/99608.
Closes https://github.com/rust-lang/rust/pull/100824.

``@rustbot`` label O-apple T-libs-api

r? Dylan-DPC
2024-11-23 20:19:52 +08:00
..
fd
Reformat use declarations.
2024-07-29 08:26:52 +10:00
fs
Show mode_t as octal in std::fs Debug impls
2024-04-09 18:12:41 -07:00
kernel_copy
Reformat use declarations.
2024-07-29 08:26:52 +10:00
linux
Remove needless returns detected by clippy in libraries
2024-09-08 21:51:00 +02:00
os
Don't try to use confstr in Miri
2024-11-22 07:59:51 +01:00
process
library: consistently use American spelling for 'behavior'
2024-10-25 12:02:47 +02:00
args.rs
Initial std library support for NuttX
2024-09-24 15:35:40 +08:00
env.rs
Initial std library support for NuttX
2024-09-24 15:35:40 +08:00
fd.rs
Initial std library support for NuttX
2024-09-24 15:35:40 +08:00
fs.rs
Fix compilation error on Solaris due to flock usage
2024-11-13 06:53:19 -08:00
futex.rs
Abstract the state type for futexes
2024-10-17 12:21:53 -07:00
io.rs
Add as_slice/into_slice for IoSlice/IoSliceMut.
2024-11-09 18:52:29 +00:00
kernel_copy.rs
Rollup merge of #128303 - NobodyXu:specialise-for-pipe, r=cuviper
2024-08-03 11:17:43 +02:00
l4re.rs
Add missing read_buf stub for x86_64-unknown-l5re-uclibc
2024-09-02 16:14:28 -04:00
mod.rs
Rollup merge of #130595 - no1wudi:master, r=ibraheemdev
2024-09-25 10:09:22 +02:00
net.rs
Use &raw in the standard library
2024-09-25 17:03:20 -07:00
os.rs
Don't try to use confstr in Miri
2024-11-22 07:59:51 +01:00
pipe.rs
[illumos] use pipe2 to create anonymous pipes
2024-11-13 05:48:06 +00:00
stack_overflow.rs
std::unix::stack_overflow::drop_handler addressing todo through libc update
2024-10-17 21:34:51 +01:00
stdio.rs
thread_parking.rs
Reformat using the new identifier sorting from rustfmt
2024-09-22 19:11:29 -04:00
thread.rs
Android: Debug assertion after setting thread name
2024-10-05 21:29:40 +03:00
time.rs
Use target_vendor = "apple" instead of target_os = "..."
2024-04-28 18:22:37 +02:00
weak.rs
Dogfood
2024-08-01 21:32:12 -03:00