On Aug 15, 2008, at 12:21 , Jeff Johnson wrote:
On Aug 15, 2008, at 10:33 AM, Jason Coco wrote:On Aug 15, 2008, at 11:11 , Jeff Johnson wrote:Jason, See the following threads for some discussion of these issues:http://lists.apple.com/archives/Macnetworkprog/2008/Apr/ msg00033.htmlhttp://lists.apple.com/archives/Xcode-users/2008/Jul/msg00283.htmlInteresting... thanks, Jeff. So I guess the answer is for speed/non- sensitive cache data, maybe confstr(_CS_DARWIN_USER_CACHE_DIR, path, length) is the appropriate call... and maybe for data that may need to actually reside in the filevault, regardless of speed, the return value from the Cocoa call is more appropriate (~/ Library/Caches)?That sounds reasonable.I would like to point out a couple of interesting things, though...1) ~/Library/Caches is world writable too... so as long as you're logged in, even if you have your filevault armed, you're still gonna be somewhat vulnerable to cache attacks.This is incorrect, FileVault or not. Where do you get that idea?
Oh my... I came to this conclusion because /my/ Caches directory was world-writeable. I checked another local account on my machine and that Caches directory was also world-writeable. Finally, I created a new account and checked, whereupon I discovered that it was read-write-exec only by the owner. Hmm... seems like some dumb application is messing with my Caches directory permissions...
I'll have to check that out! Thanks again, J
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [EMAIL PROTECTED]
