Re: FHS compliance and UNIX sockets
>>>>> "Tollef" == Tollef Fog Heen <tollef@add.no> writes:
Tollef> Putting a tmp directory into /etc/skel and setting TMPDIR
Tollef> and TMP to $HOME/tmp might be a start?
Tollef> The next step would probably be to search the sources for
Tollef> /tmp and replace it with $HOME/tmp wherever possible.

There is no system in place to automatically delete files on
$HOME/tmp, nor can you use a faster file system in its place (e.g. local
hard-disk where /home is NFS mounted, or something like tmpfs which I
saw discussed recently on the linux-kernel mailing list).

(I assume TMPDIR and TMP need to be the same for the same user on the
one computer for multiple logins).

I would suggest /tmp/$USER/ instead.

Or if DoS is considered a problem:

/tmp/user/$USER

where /tmp/user is owned by root, and a very simple setuid root program
does (translated to more appropriate language):

1. mkdir /tmp/user/$UID
2. chown $UID /tmp/user/$UID

Now, DoS is impossible.

(note: hope I didn't get $UID and $EUID confused; you could even make
use of a command line parameter - in the worst case an attacker could fill
/tmp with lots of directories owned by different users).

--
Brian May <bam@debian.org>
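
The two-step helper described in the message above, written out in C as an added example (not code from the post or from Debian). The function name make_user_tmpdir is hypothetical, and the example assumes the helper takes the real UID from getuid() (the effective UID of a setuid-root program is 0) rather than from a command line parameter.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: create <base>/<uid> with mode 0700 and give it to uid.
 * base stands in for the root-owned /tmp/user. Returns 0 on success, -1 on error. */
int make_user_tmpdir(const char *base, uid_t uid)
{
    char name[32];
    struct stat st;
    int basefd, fd, rc = -1;

    snprintf(name, sizeof name, "%lu", (unsigned long)uid);
    /* Hold a descriptor for base so later steps cannot be redirected by a rename. */
    basefd = open(base, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (basefd < 0)
        return -1;
    /* EEXIST is acceptable: the directory may remain from an earlier login. */
    if (mkdirat(basefd, name, 0700) != 0 && errno != EEXIST)
        goto out;
    /* O_NOFOLLOW refuses a symlink sitting under this name. */
    fd = openat(basefd, name, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        goto out;
    /* Accept only a directory owned by the helper itself (just created) or by uid. */
    if (fstat(fd, &st) == 0 && S_ISDIR(st.st_mode) &&
        (st.st_uid == geteuid() || st.st_uid == uid) &&
        fchown(fd, uid, (gid_t)-1) == 0 && fchmod(fd, 0700) == 0)
        rc = 0;
    close(fd);
out:
    close(basefd);
    return rc;
}

int main(void)
{
    /* Real UID of the caller, not the effective UID the setuid bit grants. */
    return make_user_tmpdir("/tmp/user", getuid()) == 0 ? 0 : 1;
}
```
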