john.lenton at canonical.com
Fri Aug 14 14:03:46 UTC 2015
we're currently not exposing a runtime dir to snaps, and that together
with our private random tmpdirs mean we don't have a good story for a
snap shipping a service that creates a socket and a binary that wants
to communicate with that service over that socket; people are using
the data dir for now, but it's not ideal.
I think we should:
* remove the random component from the tmpdir (this has security
implications around the predictable tmpdir creation, but I think it's
* set up a private per-package system runtime dir mount, similarly to
what we do for /tmp (ie make it a sub of /run/
* set up a private per-package user runtime dir mount, under
does this all make sense, or am i overthinking it?
More information about the snappy-devel