mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-04-17 19:18:06 -05:00
24cd95b6f9
I had initially assumed that, since all of a user's per-connection subdirectories live inside a top-level putty-connshare.$USER directory that's not accessible to anyone else, there would be no need to obfuscate the names of the internal directories for privacy, because nobody would be able to look at them anyway. Unfortunately, that's not true: 'netstat -ax' run by any user will show up the full pathnames of Unix-domain sockets, including pathname components that you wouldn't have had the access to go and look at directly. So the Unix connection sharing socket names do need to be obfuscated after all. Since Unix doesn't have Windows's CryptProtectMemory, we have to do this manually, by creating a file of random salt data inside the top-level putty-connshare directory (if there isn't one there already) and then hashing that salt with the "user@host" connection identifier to get the socket directory name. What a pain. [originally from svn r10222]