[monodoc] Look for docs in LocalApplicationData
Problem: At present, the MonoTouch installer merges MonoTouch
documentation "stubs" with the locally installed iOS documentation,
and installs them into
/Library/Frameworks/Mono.framework/External/monodoc. Since this
directory isn't world writable, you need to be root to do it.
Previously this wasn't a major problem ("just" run the updater as
root), but Apple is now suggesting the use of a setuid binary to do
this instead of privilege escalation:
http://blog.neteril.org/blog/2012/12/06/a-better-monomac-privilege-elevation/
The problem is that setuid binaries are notoriously difficult to write
properly, and have a large number of ways to be exploited. This is bad.
To avoid this, we instead want to stick the merged documentation into
the per-user directory, which means the updater does NOT need to run
as root, we don't need to write the documentation to a protected
directory, and the security concerns are significantly saner.
This in turn means that monodoc.dll needs to be able to look for docs
in a per-user directory, thus this patch:
Update monodoc.dll to look for documentation in the directory:
Path.Combine (
Environment.GetFolderPath (Environment.SpecialFolder.LocalApplicationData),
"monodoc")
(On OS X/Unix, this is ~/.local/share/monodoc.)
This is a per-user directory, writable by the user.
projects / mono.git / commit