Re: Uploaded tmpreaper 1.4.8 (source i386) to master
>>"Paul" == Paul Slootman <email@example.com> writes:
Paul> Well, I personally have installed about 8 debian systems, on
Paul> which only one random people are permitted to log into. Note
Paul> there's a distinction here between ftp / www / whatever servers
Paul> and login servers. It's people with shell access to the system
Paul> you have to worry about here; not having tmpreaper on a www
Paul> server won't reduce its security (if anyone can give a
Paul> counterexample, I'll be happy to revise my POV).
I think that a Debian machine should be as secure as possible
in the default configuration. Could you give other reason's than "You
don't really need this level of security"? Is there any harm in
having tmpreaper on the machine?
In security parlance, any statement like "well, we felt we did
not need the security" is suspect and leaves on with the same
feelings as watching the co-ed camper walk into the dark barn to get
something in a horror flick does. If you are in a horror flick, carry
plenty of light, and flock. On a computer system, add as much
security as you can bear to have in place.
Paul> This contains packages that conflict with others with higher
Paul> priorities, or are only likely to be useful if you already know
Paul> what they are or have specialised requirements.
A multisuer system has never been ``specialized requirements''
for any UNIX box. It is a specialized requirement for NT, sure, but I
expect any UNIX box to be fully multi-user capable. In this day and
age, that may well mean tmpreaper.
From my experience on UNIX systems, I also expect to see /tmp
cleared up from time to time. This is normal.
These two taken together seem to argue for a standard
tmpreaper, with documentation that discourages tmp cleaning without
I would expect a single user only machine to be a special
Nezvannyi gost'--khuzhe tatarina. [An uninvited guest is worse than
the Mongol invasion] Russian proverb
Manoj Srivastava <firstname.lastname@example.org> <http://www.datasync.com/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E