[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: FHS compliance and UNIX sockets

>>>>> "Tollef" == Tollef Fog Heen <tollef@add.no> writes:

    Tollef> Putting a tmp directory into /etc/skel and setting TMPDIR
    Tollef> and TMP to $HOME/tmp might be a start?

    Tollef> The next step would probably be to search the sources for
    Tollef> /tmp and replace it with $HOME/tmp wherever possible.

There is no system in place to automatically delete files on
$HOME/tmp, nor can you use a faster file system in its place (eg local
hard-disk where /home is NFS mounted, or something like tmpfs which I
saw discussed recently on the linux-kernel mailing list).

(I assume TMPDIR and TMP need to be the same for the same user on the
one computer for multiple logins).

I would suggest /tmp/$USER/ instead.

Or if DOS is considered a problem:


where /tmp/user is owned by root, and a very simply setuid root program
does (translated to more appropriate language):

1. mkdir /tmp/user/$UID
2. chown $UID /tmp/user/$UID

Now, DOS is impossible.

(note: hope I didn't get $UID and $EUID confused; you could even make
use a command line parameter - the worst case an attacker could fill
/tmp with lots of directories owned by different users).
Brian May <bam@debian.org>

Reply to: