[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: per-user temp directories by default?

On Thu, 3 Nov 2005 23:16:43 -0500, Noah Meyerhans <noahm@debian.org> said:


> session optional pam_tmpdir.so

> I have little operational experience with this PAM module, though.
> Does it cause problems for certain apps?  If so, could these problems
> be solved with a less simplistic PAM configuration?

I've been using it for quite a while, and pretty much all applications
work fine (although, as you mentioned, some applications hardcode /tmp).
The only problems, I think, that I have come across are when two
programs try to communicate over a named pipe, or shared file, and one
of them hardcodes /tmp, and the other uses $TMP.  I don't remember which
programs did that, but I remember it happened at least once.

Another potential problem is if a run a suid (non-root) program that
attempts to create a file in $TMP.  But it's suid, so it doesn't run
under my uid, and doesn't have permissions to write to $TMP.  But I've
never run across that -- suid programs are pretty uncommon.

Hubert Chan <hubert@uhoreg.ca> - http://www.uhoreg.ca/
PGP/GnuPG key: 1024D/124B61FA
Fingerprint: 96C5 012F 5F74 A5F7 1FF7  5291 AF29 C719 124B 61FA
Key available at wwwkeys.pgp.net.   Encrypted e-mail preferred.

Reply to: