Re: per-user temp directories by default?

To: debian-devel@lists.debian.org
Subject: Re: per-user temp directories by default?
From: Lars Wirzenius <liw@liw.iki.fi>
Date: Fri, 04 Nov 2005 14:08:41 +0200
Message-id: <[🔎] 1131106122.6392.1.camel@esme.liw.iki.fi>
In-reply-to: <[🔎] 20051104120048.GA1070@ikki>
References: <[🔎] 20051104041643.GA17022@morgul.net> <[🔎] 20051104120048.GA1070@ikki>

pe, 2005-11-04 kello 13:00 +0100, Klaus Ethgen kirjoitti:
> Am Fr den  4. Nov 2005 um  5:16 schrieb Noah Meyerhans:
> > Within the security team, there has recently been some talk of pushing
> > for per-user temp directories by default in etch.  I'd like to see what
> 
> That whould be no good idea for security environment where you do
> special think to secure /tmp (make it in memory and encrypt swap). With
> tempdir in users home all applications like for example gpg write
> temporary files to this location which ends up unencrypted on a disk or,
> more bad over an unsecure NFS share to the fileserver.
> 
> Please don't do this by default as it break the security of many, many
> systems!

I don't think the suggestion was to make TMP=~/tmp, but TMP=/tmp/$USER,
where /tmp/$USER is owned by the user in question and is inaccessible to
others. Or perhaps I read too much into the proposal?

-- 
Communication via acronyms is rfs.

Reply to:

Follow-Ups:
- Re: per-user temp directories by default?
  - From: Adam Borowski <kilobyte@mimuw.edu.pl>
- Re: per-user temp directories by default?
  - From: Greg Norris <haphazard@kc.rr.com>

References:
- per-user temp directories by default?
  - From: Noah Meyerhans <noahm@debian.org>
- Re: per-user temp directories by default?
  - From: Klaus Ethgen <Klaus@Ethgen.de>

Prev by Date: Re: per-user temp directories by default?
Next by Date: Re: per-user temp directories by default?
Previous by thread: Re: per-user temp directories by default?
Next by thread: Re: per-user temp directories by default?
Index(es):
- Date
- Thread