Re: Uploaded tmpreaper 1.4.8 (source i386) to master

To: Joey Hess <joey@kitenet.net>
Cc: Paul Slootman <paul@debian.org>, debian-devel@lists.debian.org
Subject: Re: Uploaded tmpreaper 1.4.8 (source i386) to master
From: karlheg@inetarena.com (Karl M. Hegbloom)
Date: 17 Sep 1998 23:16:12 -0700
Message-id: <[🔎] 87af3yvtcj.fsf@bittersweet.inetarena.com>
In-reply-to: Joey Hess's message of "Tue, 15 Sep 1998 12:59:32 -0700"
References: <E0zIefO-0001wQ-00@alf.toecompst.nl> <19980914130647.U8006@kitenet.net> <19980915191641.C2802@wau.mis.ah.nl> <[🔎] 19980915125932.M835@kitenet.net>

 I'm the previous maintainer and part author of `tmpreaper'. (which
 descends from Eric Troan's (Red Hat) `tmpwatch' program.)

 I am by no means a "security expert", nor a "professional system
 administrator";  I am a "beginner programmer wannabee".

 I made a statement to the effect that I didn't think you really need
 `tmpreaper' on a box that nobody else uses, or where you trust all of
 the users, since it seems unlikely to me that anyone would exploit
 the race that `tmpreaper' is meant to protect us from.

 It occurs to me now that perhaps a trojan horse could set it up... on
 a box where the attacker knows that tmp is cleaned by a find command.

 I clean tmp by hand on my workstation; that's why I gave `tmpreaper'
 away.  I'm not using it, and don't admin any machines where it might
 be used.  (... and I've been spending my time at other things.)

 When I debianized it, I used `debmake'.  It chose the `optional' or
 `extra' for me.  I never thought about it really.

Reply to:

References:
- Re: Uploaded tmpreaper 1.4.8 (source i386) to master
  - From: Joey Hess <joey@kitenet.net>

Prev by Date: Re: modutils stops me dead:)
Next by Date: Re: Uploaded tmpreaper 1.4.8 (source i386) to master
Previous by thread: Re: Uploaded tmpreaper 1.4.8 (source i386) to master
Next by thread: Re: Uploaded tmpreaper 1.4.8 (source i386) to master
Index(es):
- Date
- Thread