Re: per-user temp directories by default?
Klaus Ethgen <Klaus@Ethgen.de> wrote:
> On Fri, 4 Nov 2005 at 5:16, Noah Meyerhans wrote:
>> Within the security team, there has recently been some talk of pushing
>> for per-user temp directories by default in etch. I'd like to see what
>
> That would not be a good idea for a security environment where you do
> special things to secure /tmp (make it in memory and encrypt swap). With
> tempdir in the user's home all applications like for example gpg write
> temporary files to this location which ends up unencrypted on a disk or,
> worse, over an insecure NFS share to the fileserver.

What do the security people mean by per-user temp directories? It's
clear that $HOME/tmp would be bad, but /tmp/$USERNAME/ with proper
permissions doesn't sound so awkward.
Regards, Frank
--
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer
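
What "/tmp/$USERNAME/ with proper permissions" has to mean in practice, as an added example that is not part of the original message: /tmp is world-writable, so another local user may already occupy the name, and the directory must be created atomically and then validated before use. The function name, the user names and the stand-in base directory are constructed for illustration, and the base is assumed to be sticky like /tmp.

```python
import os
import stat
import tempfile


def ensure_user_tmp(base, username, uid=None):
    """Create or validate base/username as a private (0700) directory.

    Returns the path; raises PermissionError if the name is already held
    by a symlink, a non-directory, another owner, or a loosely-moded dir.
    """
    uid = os.getuid() if uid is None else uid
    path = os.path.join(base, username)
    try:
        # mkdir does not follow a symlink at the final component and fails
        # with EEXIST if anything is there, so creation is atomic.
        os.mkdir(path, 0o700)
    except FileExistsError:
        pass
    st = os.lstat(path)  # lstat inspects the entry itself, not a link target
    if not stat.S_ISDIR(st.st_mode):
        raise PermissionError(f"{path}: not a directory (symlink or file)")
    if st.st_uid != uid:
        raise PermissionError(f"{path}: owned by uid {st.st_uid}, not {uid}")
    if stat.S_IMODE(st.st_mode) & 0o077:
        raise PermissionError(f"{path}: group/other permission bits are set")
    return path


def demo():
    """Run the check against constructed cases in a stand-in for /tmp."""
    base = tempfile.mkdtemp()  # constructed base directory, not the real /tmp
    results = {}
    fresh = ensure_user_tmp(base, "alice")
    results["alice"] = stat.S_IMODE(os.lstat(fresh).st_mode)
    os.symlink(base, os.path.join(base, "bob"))    # name pre-created as symlink
    os.mkdir(os.path.join(base, "carol"))
    os.chmod(os.path.join(base, "carol"), 0o777)   # name pre-created, loose mode
    for name, uid in (("bob", None), ("carol", None), ("alice", os.getuid() + 1)):
        key = name if uid is None else name + "-foreign-uid"
        try:
            ensure_user_tmp(base, name, uid)
            results[key] = "accepted"
        except PermissionError:
            results[key] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```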