[cfe-dev] RFC: Move default module cache path from /tmp

David Chisnall via cfe-dev cfe-dev at lists.llvm.org
Mon Jun 22 05:14:01 PDT 2020


On 21/06/2020 10:54, David Zarzycki via cfe-dev wrote:
> Hello,
> 
> I'd like to request that we move the default module cache that is 
> currently created in /tmp to somewhere that isn't a shared writable 
> directory (with all of the associated security risks).

This hasn't really been an issue for a long time on modern *NIX systems. 
/tmp usually has the sticky bit set, which allows any user to create a 
file or directory owned by them and with permissions that are not world 
readable (and mkdirtemp does that automatically).

> The traditional Unix solution for caches (web browser, ccache, etc) is 
> to have a directory in $HOME.

There are three places where caches live on *NIX (ignoring XNU systems, 
which add a few more):

  - /tmp, for caches that are safe to discard across reboots
  - /var/cache, for things that are shared and are expected to persist 
across reboots
  - ~/.cache (if $XDG_CACHE_HOME is unset), for things that are per-user 
and are persistent.

> I'd like to suggest moving the clang module cache there.

If the cache is per-user (for security, I believe it has to be, unless 
there is a trusted clang daemon running somewhere to maintain 
system-wide ones) and should be preserved across reboots, I agree.  We 
should put them somewhere like $XDG_CACHE_HOME/clang.

That said, on a lot of systems, $HOME is a lot slower than a build disk 
and so it would be nice to have an environment variable to override this 
configuration.

David
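
Added example (not part of the original message, and not clang's code): one way a tool could resolve the per-user cache location discussed above and refuse a directory it cannot trust. The override variable name EXAMPLE_MODULE_CACHE_DIR and both function names are hypothetical; the rule that a relative $XDG_CACHE_HOME is ignored comes from the XDG Base Directory specification.

```python
import os
import stat
import tempfile
from pathlib import Path

# Hypothetical override variable: the message asks for one but names none.
OVERRIDE_ENV = "EXAMPLE_MODULE_CACHE_DIR"


def resolve_cache_dir(env):
    """Explicit override first, then $XDG_CACHE_HOME/clang, then ~/.cache/clang."""
    override = env.get(OVERRIDE_ENV)
    if override:
        return Path(override)
    xdg = env.get("XDG_CACHE_HOME")
    # The XDG spec says a relative $XDG_CACHE_HOME is invalid and is ignored.
    if xdg and os.path.isabs(xdg):
        return Path(xdg) / "clang"
    return Path(env["HOME"]) / ".cache" / "clang"


def open_private_cache(path):
    """Create path with mode 0700 if absent, then refuse it unless it is a
    real directory owned by the caller with no group/other permission bits."""
    path.parent.mkdir(parents=True, exist_ok=True)
    try:
        os.mkdir(path, 0o700)
    except FileExistsError:
        pass  # may have been pre-created by someone else: checked below
    st = os.lstat(path)  # lstat, so a planted symlink is not followed
    if not stat.S_ISDIR(st.st_mode):
        raise PermissionError(f"{path}: not a directory")
    if st.st_uid != os.geteuid():
        raise PermissionError(f"{path}: owned by uid {st.st_uid}")
    if st.st_mode & 0o077:
        raise PermissionError(f"{path}: group/other bits set")
    return path


if __name__ == "__main__":
    # Constructed demo: a throwaway directory stands in for $HOME.
    with tempfile.TemporaryDirectory() as home:
        print(open_private_cache(resolve_cache_dir({"HOME": home})))
```

The check and any later use of the path are separate steps, so code that must hold up against a concurrent writer would open the directory with O_DIRECTORY|O_NOFOLLOW and run the same checks with fstat on that descriptor.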


