[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
enhance security via private TMP/TMPDIR by default
- From: Matthew Miller <mattdm mattdm org>
- To: Development discussions related to Fedora Core <fedora-devel-list redhat com>
- Subject: enhance security via private TMP/TMPDIR by default
- Date: Thu, 12 May 2005 11:55:04 -0400
Just a thought:
/etc/profile.d/tmpdir.sh:
# For privacy and security, set temporary directories to ~/tmp on local
# filesystems -- but for network filesystems, make up one in /tmp.
# The trap statement cleans up the temporary directory if it's empty on exit.
if [ -z "$TMP" ]; then
if [ $EUID -ne 0 ] && [ -d $HOME/tmp ] &&
[ $( df --local $HOME | wc -l ) -gt 1 ]; then
TMP=$HOME/tmp
else
TMP=$( mktemp -d /tmp/${HOSTNAME}.tmp.XXXXXXXX ) || exit 1
trap "rmdir --ignore-fail-on-non-empty $TMP" EXIT
fi
fi
if [ -z "$TMPDIR" ]; then
TMPDIR=$TMP
fi
--
Matthew Miller mattdm mattdm org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
Current office temperature: 82 degrees Fahrenheit.
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]