Le 25/03/2023 à 09:07, aitor a écrit :
>
> Hi,
>
> On 24/3/23 21:42, Didier Kryn wrote:
>> Good question. The user can't. It could be any of the programs
>> involved in initializing a user session, like console-kit.
>
> It's elogind's function:
>
> static int user_mkdir_runtime_path(
>     const char *runtime_path,
>     uid_t uid,
>     gid_t gid,
>     uint64_t runtime_dir_size,
>     uint64_t runtime_dir_inodes);
>
> in "user-runtime-dir.c":
>
> https://github.com/elogind/elogind/blob/main/src/login/user-runtime-dir.c
>
    Kudos for finding it.

    Maybe unrelated but I got this message when upgrading today:

-----------------------------------------------------------------------------------------------------------
multipath-tools (0.8.5-2+deb11u1) bullseye-security; urgency=high

  This uploaded fixes CVE-2022-41973:
  The fix involves switching from /dev/shm to systemd-tmpfiles.
  The tmpfs is mounted to /run/multipath.

  If you have previously accessed /dev/shm directly in your setup,
  please update to the new path to facilitate this change.

 -- Tobias Frost <tobi@???>  Tue, 27 Dec 2022 09:46:24 +0100
-----------------------------------------------------------------------------------------------------------

    So we've now got yet another tentacle of Systemd sneaking in.