enhance security via private TMP/TMPDIR by default

Matthew Miller mattdm at mattdm.org
Tue May 24 22:24:45 UTC 2005


On Tue, May 24, 2005 at 06:18:43PM -0400, Peter Jones wrote:
> > 1. Each user should have there own ~/tmp space which only they can
> > access.  This could be used for the users agent sockets, but also just
[...]
> Of course, ~/tmp/ really sucks for this -- lots of places use nfs
> homedirs, and you'd rather not put the sort of stuff you use /tmp for on
> the network.

Which goes back to my original post here, which cleverly (?) checks if ~/tmp
is on a local filesystem and uses mktemp in /tmp otherwise.


(PS: there's an obvious error in that first post, in that the variables
should be actually exported.)

-- 
Matthew Miller           mattdm at mattdm.org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>
Current office temperature: 73 degrees Fahrenheit.




More information about the fedora-devel-list mailing list