
Re: per-user temp directories by default?




On Fri, 4 Nov 2005 at 13:36, Jon Dowland wrote:
> ...alongside the private keys in ~/.gnupg?

Well, you can configure gnupg to write secret keys to a secure medium.

On Fri, 4 Nov 2005 at 15:46, Noah Meyerhans wrote:
> First of all, libpam_tmpdir doesn't put $TMP in $HOME.  Second, we're

Ah, ok. In some mails I understood it was to be put in $HOME. One more
directory level under /tmp shouldn't be a problem.

> talking about the *default* configuration.  If you're doing something

Me too. Also, the pam configuration can be overwritten by dpkg. (If you
didn't touch it, this will be done without asking a question.)

Also, if it seems to be a good idea to use a per-user tmp, just ask the
sysadmins via a debconf question.

> with encrypted swap or $HOME on NFS, you've already diverged quite a bit
> from the default configuration, so your security would not be broken
> even if $TMP was in $HOME.  You'd simply have one single line to delete
> from the default pam configuration.

Well, no pam configuration changes for this. (For others, like LDAP or
such, you need to.) So the config files will be silently overwritten.

Regards
   Klaus
-- 
Klaus Ethgen                            http://www.ethgen.de/
pub  2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <Klaus@Ethgen.de>
Fingerprint: D7 67 71 C4 99 A6 D4 FE  EA 40 30 57 3C 88 26 2B
