There’s quite a lot of programs that make use of XDG_CONFIG, with the default set to .config in most distros. However, there’s also quite a few programs that have rejected this, sticking with a format that is not XDG-conforming.

One such example is OpenSSH, as can be seen in the following page - it makes use of the ~/.ssh directory. Why is that OpenSSH does not conform to this specification? Are there any security vulnerabilities? If so, then shouldn’t there be another specification by Freedesktop.org, which allots a secure directory for the same?

    • Draghetta@sh.itjust.works
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      Well yes, after breaking countless tools with repercussions possibly in the decade range, punching security holes in systems that were hardened with certain expectations (my head aches at the amount of “lol the admin didn’t restrict .config/ssh”) - after all this havoc we will have a native bsd server software that finally complies with a Linux desktop standard. I don’t see downsides to this.