[MacOS] Different temporary directory returned when run as sudo

[samin-cf]

With rust 1.85.0, this change was introduced which now results in a user-scoped temporary directory being returned by tempfile when the binary is run as sudo or as a service. Rust 1.84.1 and prior versions always returned /tmp if TMPDIR is unset and now that's changed.

It's likely not a problem for most cases, but I ran into an issue where I was passing the temporary directory to a process that's run as the nobody user which is unable to access the parent user's temp dir.

There may not be anything to change within tempfile. Just raising this issue for visiblity.

[Stebalien]

I was under the impression that rust always used the user-scoped temporary directories on MacOS. I guess I was wrong and I'm glad they finally made that change.

[Stebalien]

But I'll leave this issue open as I can see how it can cause regressions.

[domenkozar]

Could this WSL regression be related? cachix/devenv#1815 (comment)

[Stebalien]

No, this change is specific to MacOS and the symptoms are quite different.

[Stebalien]

Actually, now I'm confused. What WSL are we talking about here (I assumed "Windows Subsystem for Linux")?

But the change here won't cause temporary directories/files to be created in random locations, it'll cause them to be created in the correct location (getconf DARWIN_USER_TEMP_DIR). The only issue is that that directory isn't accessible to other users.

Your symptoms look like someone is setting TMPDIR and/or calling tempfile::env::override_temp_dir.