[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: enhance security via private TMP/TMPDIR by default

From: Matthew Miller <mattdm mattdm org>
To: Development discussions related to Fedora Core <fedora-devel-list redhat com>
Subject: Re: enhance security via private TMP/TMPDIR by default
Date: Wed, 1 Jun 2005 15:16:11 -0400

On Fri, May 27, 2005 at 04:15:45PM -0400, Peter Jones wrote:
> Yeah, that's better than just blindly using ~/tmp/.  But why have the
> extra complexity?  Why not always do mktemp and the bind+namespace
> magic?  This does have some advantage -- all users' tmp dirs are created
> the way the admin intended when he set the system up, and they're easy
> to find if he needs to look for them, for whatever reason.

Well, at this point, the bind+namespace magic is more complex. But it seems
sufficiently promising that it's probably worth waiting until it's solid
before implementing anything.

-- 
Matthew Miller           mattdm mattdm org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>
Current office temperature: 78 degrees Fahrenheit.

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]