Create a secure temp path instead of a predictable one (Thanks Han)
With this commit, i3 will now use either $XDG_RUNTIME_DIR/i3 (XDG_RUNTIME_DIR is only writable by the user, so this is not a problem) or a secure temporary location in /tmp, following the pattern /tmp/i3-<user>.XXXXXX
This commit is contained in:
Michael Stapelberg
6
docs/ipc
6
docs/ipc
@ -11,8 +11,10 @@ workspace bar.
|
||||
The method of choice for IPC in our case is a unix socket because it has very
|
||||
little overhead on both sides and is usually available without headaches in
|
||||
most languages. In the default configuration file, the ipc-socket gets created
|
||||
in +/tmp/i3-%u/ipc-socket.%p+ where +%u+ is your UNIX username and +%p+ is the
|
||||
PID of i3. You can get the socketpath from i3 by calling +i3 --get-socketpath+.
|
||||
in +/tmp/i3-%u.XXXXXX/ipc-socket.%p+ where +%u+ is your UNIX username, +%p+ is
|
||||
the PID of i3 and XXXXXX is a string of random characters from the portable
|
||||
filename character set (see mkdtemp(3)). You can get the socketpath from i3 by
|
||||
calling +i3 --get-socketpath+.
|
||||
|
||||
All i3 utilities, like +i3-msg+ and +i3-input+ will read the +I3_SOCKET_PATH+
|
||||
X11 property, stored on the X11 root window.
|
||||
|
||||
@ -643,16 +643,19 @@ programs to get information from i3, such as the current workspaces
|
||||
(to display a workspace bar), and to control i3.
|
||||
|
||||
The IPC socket is enabled by default and will be created in
|
||||
+/tmp/i3-%u/ipc-socket.%p+ where +%u+ is your UNIX username and +%p+ is the PID
|
||||
of i3.
|
||||
+/tmp/i3-%u.XXXXXX/ipc-socket.%p+ where +%u+ is your UNIX username, +%p+ is
|
||||
the PID of i3 and XXXXXX is a string of random characters from the portable
|
||||
filename character set (see mkdtemp(3)).
|
||||
|
||||
You can override the default path through the environment-variable +I3SOCK+ or
|
||||
by specifying the +ipc-socket+ directive. This is discouraged, though, since i3
|
||||
does the right thing by default.
|
||||
does the right thing by default. If you decide to change it, it is strongly
|
||||
recommended to set this to a location in your home directory so that no other
|
||||
user can create that directory.
|
||||
|
||||
*Examples*:
|
||||
----------------------------
|
||||
ipc-socket /tmp/i3-ipc.sock
|
||||
ipc-socket ~/.i3/i3-ipc.sock
|
||||
----------------------------
|
||||
|
||||
You can then use the +i3-msg+ application to perform any command listed in
|
||||
|
||||
Reference in New Issue
Block a user