On Sun, 22 Oct 2023, Peter Oliver wrote:

> On Sun, 22 Oct 2023, Björn Bidar wrote:
>
>>>  @ example
>>>  -local$ ssh -R12345:localhost:12345 remote
>>>  -remote$ export EDITOR="emacsclient \
>>>  -        --server-file=server \
>>>  -        --tramp=/ssh:remote:"
>>>  +local$ ssh -R
>>>  "/tmp/emacs-%r.socket":"$@{XDG_RUNTIME_DIR:-$@{TMPDIR:-/tmp@}/emacs%i@}$@{XDG_RUNTIME_DIR:+/emacs@}/server"
>>>  remote
>>>  +remote$ export EMACS_SOCKET_NAME=/tmp/emacs-$USER.socket
>>
>>  If the host has run /run/user it would make sense to setup the Emacs
>>  socket inside this directory.
>>  On older systems this might be /var/run/user I think.
>
> It would, sure, but you can’t in general tell from the local side whether the 
> remote side has /run, nor what your UID is there.  You’d need an extra round 
> trip, for which you need ssh’s ControlPersist option to make performant. 
> This is too complicated for a simple example.
>
>>  If the socket fie is in /tmp every other user can read it, using /run/user
>>  is
>>  more secure.
>
> No, the socket will have permissions 0700, so other users won’t be able to 
> read it.  The risk is that other users will be able to cause a nuisance by 
> creating a file of the same name in its place.  Perhaps it’s better to 
> suggest putting the socket in the user’s home directory (which I originally 
> discounted in case of shared NFS home directories)?

Here is an update patch that does that.

I’m not sure why this bug was closed already.

-- 
Peter Oliver