From: Poster Matt on
Hi,

I'm returning to programming for UNIX/Linux in C after a break of 15 years,
ouch, so apologies if this is a real newbie question.

My code needs to fopen a config file in a user's home directory, I rapidly
worked out that using "~/.config_file_name" was a no-no, as the '~' does not
evaluate the same way it would from the shell.

Instead I am using getenv("HOME") to get the path to the user's home directory,
that works fine.

My question is if the HOME environment variable can always be relied on?

Is there a different way of doing this, or have I chosen the established best
way of doing it already?

Many thanks all. Regards,

Matt
From: Nicolas George on
Poster Matt wrote in message
<rbzen.40770$Ym4.18675(a)text.news.virginmedia.com>:
> My question is if the HOME environment variable can always be relied on?

Depends on what you mean by "relied upon".

$HOME is what the user wants the program to use as home directory. It is set
by default according to /etc/passwd or similar, but the user can change it.
The base information can be read using getpwuid and the pw_dir field.

If the home of the user is /home/john, but $HOME points to /tmp/home, for
example, that probably means the user is trying something specific, like
testing a change in a configuration file. In that case, it is probably best
to follow the change. Programs that try to be smarter and end up not obeying
to the user are really annoying.

There is an exception, of course, if there is a security problem. But I can
only find far-fetched situations where the current process' user's home
directory is necessary and $HOME is unreliable.
From: Måns Rullgård on
Nicolas George <nicolas$george(a)salle-s.org> writes:

> Poster Matt wrote in message
> <rbzen.40770$Ym4.18675(a)text.news.virginmedia.com>:
>> My question is if the HOME environment variable can always be relied on?
>
> Depends on what you mean by "relied upon".
>
> $HOME is what the user wants the program to use as home directory. It is set
> by default according to /etc/passwd or similar, but the user can change it.
> The base information can be read using getpwuid and the pw_dir field.
>
> If the home of the user is /home/john, but $HOME points to /tmp/home, for
> example, that probably means the user is trying something specific, like
> testing a change in a configuration file. In that case, it is probably best
> to follow the change. Programs that try to be smarter and end up not obeying
> to the user are really annoying.
>
> There is an exception, of course, if there is a security problem. But I can
> only find far-fetched situations where the current process' user's home
> directory is necessary and $HOME is unreliable.

Some programs, e.g. ssh, do some extra checks on the ownership and
permission of files before using them for security-critical purposes.
This seems like a sensible approach to me.

--
M�ns Rullg�rd
mans(a)mansr.com
From: Poster Matt on
Nicolas George wrote:
> Poster Matt wrote in message
> <rbzen.40770$Ym4.18675(a)text.news.virginmedia.com>:
>> My question is if the HOME environment variable can always be relied on?
>
> Depends on what you mean by "relied upon".

All I meant was if I could rely on using getenv("HOME") to reliably get the home
directory of a user, in all normal situations.

I suppose I was just checking in case there were differences between flavours of
UNIX/Linux in where the home directory environment variable was stored. For
example if HOME_DIR was used sometimes or if HOME is often left unset.


> There is an exception, of course, if there is a security problem. But I can
> only find far-fetched situations where the current process' user's home
> directory is necessary and $HOME is unreliable.

Many thanks Nicholas. Very helpful and I'll proceed with using HOME.

Cheers.
From: David Schwartz on
On Feb 16, 8:45 am, Poster Matt <postermatt(a)no_spam_for_me.org> wrote:

> > Depends on what you mean by "relied upon".

> All I meant was if I could rely on using getenv("HOME") to reliably get the home
> directory of a user, in all normal situations.

That doesn't answer the question. Do you mean "what the user wants me
to use as his home directory" or "securely get what the system
administrator set as the user's home directory"? Do you want the user
to be able to override this if he needs to or not?

> I suppose I was just checking in case there were differences between flavours of
> UNIX/Linux in where the home directory environment variable was stored. For
> example if HOME_DIR was used sometimes or if HOME is often left unset.

If it's unset, use 'getpwuid(getuid());'

DS
 |  Next  |  Last
Pages: 1 2
Prev: IGMP snooping
Next: Forging IPv6 addresses?