There’s quite a lot of programs that make use of XDG_CONFIG, with the default set to .config in most distros. However, there’s also quite a few programs that have rejected this, sticking with a format that is not XDG-conforming.
One such example is OpenSSH, as can be seen in the following page - it makes use of the ~/.ssh directory. Why is that OpenSSH does not conform to this specification? Are there any security vulnerabilities? If so, then shouldn’t there be another specification by Freedesktop.org, which allots a secure directory for the same?
if they switch it will cause a lot of trouble at first. it’s used everywhere. some management software has .ssh/ hardcoded.
they can’t be automatically backwards compatible, because it would mean an alternate location for a authorized_key file etc, which is dangerous. so, hosts updating need to be checked and migrated. some people will be locked out.
however, after the initial chaos it should be fine.
Well yes, after breaking countless tools with repercussions possibly in the decade range, punching security holes in systems that were hardened with certain expectations (my head aches at the amount of “lol the admin didn’t restrict .config/ssh”) - after all this havoc we will have a native bsd server software that finally complies with a Linux desktop standard. I don’t see downsides to this.
it will secure a lot of jobs 😆