Re: Uploaded tmpreaper 1.4.8 (source i386) to master

To: debian-devel@lists.debian.org
Subject: Re: Uploaded tmpreaper 1.4.8 (source i386) to master
From: Manoj Srivastava <srivasta@datasync.com>
Date: 16 Sep 1998 14:37:40 -0500
Message-id: <[🔎] 87lnnju9vf.fsf@tiamat.datasync.com>
In-reply-to: Paul Slootman's message of "Wed, 16 Sep 1998 11:31:25 +0200"
References: <E0zIefO-0001wQ-00@alf.toecompst.nl> <19980914130647.U8006@kitenet.net> <19980915191641.C2802@wau.mis.ah.nl> <[🔎] 19980915125932.M835@kitenet.net> <[🔎] 19980916113125.C26071@wau.mis.ah.nl>

Hi,
>>"Paul" == Paul Slootman <paul@wau.mis.ah.nl> writes:


 Paul> Well, I personally have installed about 8 debian systems, on
 Paul> which only one random people are permitted to log into.  Note
 Paul> there's a distinction here between ftp / www / whatever servers
 Paul> and login servers. It's people with shell access to the system
 Paul> you have to worry about here; not having tmpreaper on a www
 Paul> server won't reduce its security (if anyone can give a
 Paul> counterexample, I'll be happy to revise my POV).

	I think that a Debian machine should be as secure as possible
 in the default configuration. Could you give other reason's than "You
 don't really need this level of security"? Is there any harm in
 having tmpreaper on the machine?

	In security parlance, any statement like "well, we felt we did
 not need the security" is suspect and leaves on with the same
 feelings as watching the co-ed camper walk into the dark barn to get
 something in a horror flick does. If you are in a horror flick, carry
 plenty of light, and flock. On a computer system, add as much
 security as you can bear to have in place.

 Paul> extra
 Paul> 	This contains packages that conflict with others with higher
 Paul> 	priorities, or are only likely to be useful if you already know
 Paul> 	what they are or have specialised requirements. 

	A multisuer system has never been ``specialized requirements''
 for any UNIX box. It is a specialized requirement for NT, sure, but I
 expect any UNIX box to be fully multi-user capable. In this day and
 age, that may well mean tmpreaper. 

	From my experience on UNIX systems, I also expect to see /tmp
 cleared up from time to time. This is normal. 

	These two taken together seem to argue for a standard
 tmpreaper, with documentation that discourages tmp cleaning without
 tmpreaper. 

	I would expect a single user only machine to be a special
 case, really.

	manoj
-- 
 Nezvannyi gost'--khuzhe tatarina. [An uninvited guest is worse than
 the Mongol invasion] Russian proverb
Manoj Srivastava  <srivasta@acm.org> <http://www.datasync.com/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E

Reply to:

Follow-Ups:
- Re: Uploaded tmpreaper 1.4.8 (source i386) to master
  - From: Paul Slootman <paul@wau.mis.ah.nl>
- Re: Uploaded tmpreaper 1.4.8 (source i386) to master
  - From: Joey Hess <joey@kitenet.net>

References:
- Re: Uploaded tmpreaper 1.4.8 (source i386) to master
  - From: Joey Hess <joey@kitenet.net>
- Re: Uploaded tmpreaper 1.4.8 (source i386) to master
  - From: Paul Slootman <paul@wau.mis.ah.nl>

Prev by Date: Re: Info sucks?
Next by Date: balsa anyone?
Previous by thread: Re: Uploaded tmpreaper 1.4.8 (source i386) to master
Next by thread: Re: Uploaded tmpreaper 1.4.8 (source i386) to master
Index(es):
- Date
- Thread