dbus-server-socket: Make unix:tmpdir equivalent to unix:dir

unix:tmpdir and unix:dir were always equivalent on non-Linux platforms
such as the BSDs, where only the POSIX path-based (unix:path) sockets
are supported, and the OS-specific abstract (unix:abstract) sockets
are not.

On Linux, the difference between them is that since commit a70b042f
(2003-06-04), unix:tmpdir would use abstract Unix sockets. This avoids
needing to clean up the sockets from the filesystem when finished with
them, but it turns out to be problematic when using namespace-based
containers (see previous commits and dbus/dbus#416), so 14 years later,
in commit b951c500 "Add unix:dir=/something addresses" I added unix:dir
which had the original unix:tmpdir behaviour, namely always producing a
unix:path socket.

To avoid these sockets becoming an unintended sandbox escape, we can
make unix:tmpdir equivalent to unix:dir on all platforms, partially
reverting commit a70b042f. This is technically not even an incompatible
spec change, because (as is necessary to make the spec implementable on
*BSD) the spec only says that server implementations *may* yield a
unix:abstract socket for unix:tmpdir, and not that they *must* do so.

This is a behaviour change and does have a regression risk, similar to
the earlier commit that changed the default session bus address. As with
that earlier commit, the justification for introducing that regression
risk is that it avoids D-Bus servers inadvertently becoming a sandbox
escape route.

Helps: dbus/dbus#416
Signed-off-by: Simon McVittie <smcv@collabora.com>
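
The abstract-versus-path distinction in this commit message can be audited on a running Linux host: `/proc/net/unix` prints abstract socket names with a leading `@`, and the kernel scopes those names to the network namespace rather than to any filesystem. The following is an added example, not part of the commit or of dbus; the function names are hypothetical and the sample lines are constructed.

```python
# Added example: audit /proc/net/unix for listening abstract-namespace sockets.
from typing import NamedTuple

SO_ACCEPTCON = 0x00010000  # flag the kernel sets on listening sockets

# Constructed sample in /proc/net/unix format (not captured from a real host).
SAMPLE = """\
Num       RefCount Protocol Flags    Type St Inode Path
0000000000000000: 00000002 00000000 00010000 0001 01 23456 @/tmp/dbus-AbCdEfGh
0000000000000000: 00000002 00000000 00010000 0001 01 23457 /run/user/1000/bus
0000000000000000: 00000003 00000000 00000000 0001 03 23458 @/tmp/dbus-AbCdEfGh
0000000000000000: 00000002 00000000 00000000 0002 01 23459
0000000000000000: 00000002 00000000 00010000 0001 01 23460 /tmp/dbus-IjKlMnOp
"""

class UnixSocket(NamedTuple):
    inode: int
    path: str
    abstract: bool
    listening: bool

def parse_proc_net_unix(text):
    """Parse /proc/net/unix text into UnixSocket records, skipping unnamed sockets."""
    sockets = []
    for line in text.splitlines()[1:]:          # first line is the column header
        fields = line.split(None, 7)            # the path itself may contain spaces
        if len(fields) < 8:
            continue                            # unnamed socket: no Path column
        flags, inode, path = int(fields[3], 16), int(fields[6]), fields[7]
        abstract = path.startswith("@")         # kernel prints the leading NUL as '@'
        sockets.append(UnixSocket(inode, path, abstract, bool(flags & SO_ACCEPTCON)))
    return sockets

def listening_abstract(text):
    """Return listeners whose names are abstract, i.e. not filesystem paths."""
    return [s for s in parse_proc_net_unix(text) if s.abstract and s.listening]

if __name__ == "__main__":
    try:
        with open("/proc/net/unix") as f:       # live data on Linux
            data = f.read()
    except OSError:
        data = SAMPLE                           # fall back to the constructed sample
    for s in listening_abstract(data):
        print(f"abstract listener inode={s.inode} name={s.path}")
```

A D-Bus server that listens on `unix:tmpdir` with the behaviour described in this commit shows up as a plain path entry, so it no longer appears in this report.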